Huawei Quidway NE40E Configuration Manual Download Page 889 | Manualshive

Page: 889 / 1301

background image

KeepAlive messages 1
Notification messages 0
Refresh messages 0
Authentication type configured: None
Last keepalive received: 2012-03-06 19:17:37 UTC-8:00
Last keepalive sent : 2012-03-06 19:17:37 UTC-8:00
Last update received: 2012-03-06 19:17:43 UTC-8:00
Last update sent : 2012-03-06 19:17:37 UTC-8:00
Minimum route advertisement interval is 15 seconds
Optional capabilities:
Route refresh capability has been enabled
4-byte-as capability has been enabled
Peer Preferred Value: 0
Routing policy configured:
No routing policy is configured

8.23 Configuring BGP Security

Authentication can be implemented during the establishment of a TCP connection to enhance
BGP security.

8.23.1 Before You Start

Before configuring BGP security, familiarize yourself with the usage scenario, complete the pre-
configuration tasks, and obtain the data required for the configuration.

Applicable Environment

Message digest 5 (MD5) authentication, keychain authentication, or Generalized TTL Security
Mechanism (GTSM) can be configured on a BGP network to enhance BGP security.

NOTE

By default, authentication is not configured for BGP. Configuring authentication is recommended to ensure
system security.

l

MD5 authentication
BGP uses TCP as the transport protocol and considers a packet valid as long as the source
address, destination address, source port, destination port, and TCP sequence number of
the packet are correct. Most parameters in a packet can be easily obtained by attackers. To
protect BGP against attacks, MD5 authentication can be used during TCP connection
establishment between BGP peers to reduce the possibility of attacks.
To prevent the MD5 password set on a BGP peer from being decrypted, you need to update
the MD5 password periodically.

l

Keychain authentication
A keychain consists of multiple authentication keys, each of which contains an ID and a
password. Each key has a lifecycle. Based on the life cycle of a key, you can dynamically
select different authentication keys from the keychain. After keychains with the same rules
are configured on the two ends of a BGP connection, the keychains can dynamically select
authentication keys to enhance BGP attack defense.

l

BGP GTSM
The Generalized TTL Security Mechanism (GTSM) is used to prevent attacks by using the
TTL detection. If an attack simulates BGP packets and sends a large number of packets to
a router, an interface through which the router receives the packets directly sends the

HUAWEI NetEngine80E/40E Router
Configuration Guide - IP Routing

8 BGP Configuration

Issue 02 (2014-09-30)

Huawei Proprietary and Confidential

Copyright © Huawei Technologies Co., Ltd.

864

«
...
887
888
889
890
891
...
»

Summary of Contents for Quidway NE40E

Page 1: ...HUAWEI NetEngine80E 40E Router V600R008C10 Configuration Guide IP Routing Issue 02 Date 2014 09 30 HUAWEI TECHNOLOGIES CO LTD ...

Page 2: ... be within the purchase scope or the usage scope Unless otherwise specified in the contract all statements information and recommendations in this document are provided AS IS without warranties guarantees or representations of any kind either express or implied The information in this document is subject to change without notice Every effort has been made in the preparation of this document to ens...

Page 3: ...recommended l If the plain parameter is specified the password will be saved in plaintext in the configuration file which has a high security risk Therefore specifying the cipher parameter is recommended To further improve device security periodically change the password l Do not set both the start and end characters of a password to This causes the password to be displayed directly in the configu...

Page 4: ...s performance deterioration or unanticipated results NOTICE is used to address practices not related to personal injury Calls attention to important information best practices and tips NOTE is used to address information not related to personal injury equipment damage and environment deterioration Command Conventions The command conventions that may be found in this document are defined as follows...

Page 5: ...an be selected 1 n The parameter before the sign can be repeated 1 to n times A line starting with the sign is comments Change History Changes between document issues are cumulative The latest document issue contains all the changes made in earlier issues Changes in Issue 02 2014 09 30 This issue is the second official release Changes in Issue 01 2014 06 30 This issue is the first official release...

Page 6: ...ring Public Network IP FRR 12 1 4 1 Before You Start 12 1 4 2 Configuring a Route Policy 13 1 4 3 Enabling Public Network IP FRR 14 1 4 4 Checking the Configurations 15 1 5 Configuring Public Network IPv6 FRR 15 1 5 1 Before You Start 16 1 5 2 Configuring a Route Policy 16 1 5 3 Enabling Public Network IPv6 FRR 17 1 5 4 Checking the Configurations 18 1 6 Configuring VRRP for Direct Routes 19 1 6 1...

Page 7: ...Route Prefixes 52 1 17 2 Configuring Thresholds for the Number of IPv6 Route Prefixes 53 1 17 3 Configuring a Limit on the Number of IPv4 Public Route Prefixes 54 1 17 4 Configuring a Limit on the Number of IPv6 Public Route Prefixes 55 1 18 Configuration Example 57 1 18 1 Example for Configuring Public Network IP FRR 57 1 18 2 Example for Configuring Public Network IPv6 FRR 60 1 18 3 Example for ...

Page 8: ... 111 2 7 Configuring NQA for IPv6 Static Routes 112 2 7 1 Before You Start 112 2 7 2 Configuring an ICMP NQA Test Instance 113 2 7 3 Associating a IPv6 Static Route with an NQA Test Instance 115 2 7 4 Checking the Configurations 116 2 8 Configuring IPv4 Static Routes to Inherit the Costs of Iterated Routes 117 2 9 Configuring IPv6 Static Routes to Inherit the Costs of Iterated Routes 119 2 10 Conf...

Page 9: ...abling an Interface from Receiving RIP Update Packets 175 3 6 3 Disabling RIP from Receiving Host Routes 175 3 6 4 Configuring RIP to Filter the Received Routes 176 3 6 5 Checking the Configurations 178 3 7 Configuring RIP 2 Features 179 3 7 1 Before You Start 179 3 7 2 Configuring RIP 2 Route Summarization 180 3 7 3 Configuring Packet Authentication of RIP 2 181 3 7 4 Checking the Configurations ...

Page 10: ...ering the RIPng View 229 4 2 3 Enabling RIPng in the Interface View 229 4 2 4 Checking the Configurations 230 4 3 Configuring RIPng Route Attributes 232 4 3 1 Before You Start 232 4 3 2 Configuring the RIPng Preference 233 4 3 3 Configuring Additional Metrics of an Interface 233 4 3 4 Configuring the Maximum Number of Equal Cost Routes 234 4 3 5 Checking the Configurations 235 4 4 Configuring RIPn...

Page 11: ... 5 2 Configuring Basic OSPF Functions 268 5 2 1 Before You Start 268 5 2 2 Enabling OSPF 269 5 2 3 Optional Creating OSPF Virtual Links 271 5 2 4 Optional Configuring a Route Selection Rule on the router 272 5 2 5 Optional Setting the OSPF Priority 272 5 2 6 Optional Restricting the Flooding of LSA Update Packets 273 5 2 7 Optional Configuring the Maximum Number of Packet Retransmission Attempts 2...

Page 12: ...Configuring an NSSA 313 5 9 Configuring Local MT 316 5 10 Configuring BFD for OSPF 318 5 10 1 Before You Start 318 5 10 2 Configuring BFD for OSPF in a Specified Process 319 5 10 3 Configuring BFD for OSPF on a Specified Interface 321 5 10 4 Checking the Configurations 323 5 11 Configuring OSPF IP FRR 324 5 11 1 Before You Start 324 5 11 2 Enabling OSPF IP FRR 325 5 11 3 Optional Binding OSPF IP F...

Page 13: ...e for Configuring OSPF GR 386 5 16 11 Example for Configuring OSPF BGP 390 5 16 12 Example for Configuring OSPF GTSM 399 6 OSPFv3 Configuration 404 6 1 Introduction 406 6 1 1 OSPFv3 Overview 406 6 1 2 OSPFv3 Features Supported by NE80E 40E 406 6 2 Configuring Basic OSPFv3 Functions 407 6 2 1 Before You Start 407 6 2 2 Enabling OSPFv3 407 6 2 3 Enabling OSPFv3 on an Interface 408 6 2 4 Entering the...

Page 14: ... Optimizing an OSPFv3 Network 434 6 8 1 Before You Start 434 6 8 2 Configuring the SPF Timer 435 6 8 3 Setting the Interval for Receiving LSAs 436 6 8 4 Configuring an Intelligent Timer for Generating LSAs 436 6 8 5 Suppressing an Interface from Sending and Receiving OSPFv3 Packets 437 6 8 6 Configuring DR Priority of an Interface 438 6 8 7 Configuring Stub Routers 439 6 8 8 Ignoring MTU Check on ...

Page 15: ...nfiguring the Network Management Function of OSPFv3 463 6 14 1 Before You Start 463 6 14 2 Configuring OSPFv3 MIB Binding 463 6 14 3 Configuring OSPFv3 Trap 464 6 14 4 Checking the Configurations 464 6 15 Maintaining OSPFv3 464 6 15 1 Resetting OSPFv3 464 6 16 Configuration Examples 465 6 16 1 Example for Configuring OSPFv3 Areas 465 6 16 2 Example for Configuring OSPFv3 DR Election 470 6 16 3 Exa...

Page 16: ... IS IS to Interact with Other Routing Protocols 539 7 6 1 Before You Start 539 7 6 2 Configuring a Preference Value for IPv4 IS IS 540 7 6 3 Configuring IPv4 IS IS to Import External Routes 541 7 6 4 Checking the Configurations 544 7 7 Configuring the IPv4 IS IS Route Convergence Speed 547 7 7 1 Before You Start 547 7 7 2 Configuring the Interval for Detecting IS IS Neighboring Device Failures 548...

Page 17: ...t 598 7 15 2 Configuring a Preference Value for IPv6 IS IS 599 7 15 3 Configuring IPv6 IS IS to Import External Routes 600 7 15 4 Checking the Configurations 603 7 16 Configuring the IPv6 IS IS Route Convergence Speed 606 7 16 1 Before You Start 606 7 16 2 Configuring the Interval for Detecting IS IS Neighboring Device Failures 607 7 16 3 Setting Flooding Parameters of SNPs and LSPs 609 7 16 4 Set...

Page 18: ...for Configuring the DIS Election of IS IS 656 7 24 5 Example for Configuring IS IS Load Balancing 661 7 24 6 Example for Configuring IS IS to Interact with BGP 665 7 24 7 Example for Configuring IS IS MT 669 7 24 8 Example for Configuring Local MT 675 7 24 9 Example for Configuring Basic IS IS IPv6 Functions 682 7 24 10 Example for Configuring IS IS Fast Convergence 688 7 24 11 Example for Configu...

Page 19: ...onfiguring BGP Filters 790 8 6 3 Configuring to Controll the Acceptment of BGP Routing Information 795 8 6 4 Configuring BGP Soft Reset 801 8 6 5 Checking the Configurations 802 8 7 Configuring a Device to Advertise BGP Supernet Unicast Routes to BGP Peers 804 8 8 Configuring BGP Route Aggregation 806 8 9 Configuring BGP Peer Groups 808 8 9 1 Before You Start 808 8 9 2 Creating IBGP Peer Groups 80...

Page 20: ...nfiguring a BGP Device to Send a Default Route to Its Peer 840 8 17 Configuring BGP Load Balancing 843 8 18 Configuring Path MTU Auto Discovery 849 8 19 Configuring the BGP Next Hop Delayed Response 852 8 20 Configuring BFD for BGP 854 8 21 Configuring BGP Auto FRR 857 8 22 Configuring BGP GR 860 8 22 1 Before You Start 860 8 22 2 Enabling BGP GR 861 8 22 3 Configuring Parameters for a BGP GR Sess...

Page 21: ...TSM 1035 9 BGP4 Configuration 1045 9 1 Introduction 1047 9 1 1 BGP4 Overview 1047 9 1 2 BGP4 Features Supported by the NE80E 40E 1047 9 2 Configuring Basic BGP4 Functions 1048 9 2 1 Before You Start 1048 9 2 2 Starting a BGP Process 1048 9 2 3 Configuring an IPv6 Peer 1049 9 2 4 Optional Configuring the Local Interfaces Used for BGP4 Connections 1051 9 2 5 Checking the Configurations 1052 9 3 Conf...

Page 22: ...Configuring BFD for BGP4 in a Private Network 1082 9 6 4 Checking the Configurations 1084 9 7 Configuring BGP4 PeerTracking 1084 9 7 1 Before You Start 1084 9 7 2 Enabling BGP4 Peer Tracking 1085 9 7 3 Checking the Configurations 1086 9 8 Configuring BGP4 Route Dampening 1086 9 8 1 Before You Start 1086 9 8 2 Enabling BGP4 Route Dampening 1087 9 8 3 Checking the Configurations 1087 9 9 Configuring...

Page 23: ...cking the Configurations 1115 9 16 Configuring BGP4 Security 1116 9 16 1 Before You Start 1116 9 16 2 Configuring MD5 Authentication 1117 9 16 3 Configuring Keychain Authentication 1118 9 16 4 Configuring Basic BGP4 GTSM Functions 1119 9 16 5 Checking the Configurations 1120 9 17 Maintaining BGP4 1120 9 17 1 Resetting BGP4 Connections 1120 9 17 2 Clearing BGP4 Statistics 1121 9 18 Configuration Ex...

Page 24: ...ceived by BGP 1228 10 4 6 Checking the Configurations 1232 10 5 Applying Filters to Advertised Routes 1233 10 5 1 Before You Start 1233 10 5 2 Filtering Routes Advertised by RIP 1234 10 5 3 Filtering Routes Advertised by OSPF 1236 10 5 4 Filtering Routes Advertised by IS IS 1238 10 5 5 Filtering Routes Advertised by BGP 1240 10 5 6 Checking the Configurations 1245 10 6 Applying Filters to Imported...

Page 25: ...ute Monitoring Group Configuration 1262 11 1 Overview 1263 11 1 1 Introduction 1263 11 1 2 Route Monitoring Group Features Supported by the NE80E 40E 1263 11 2 Configuring a Route Monitoring Group 1264 A Glossary 1268 B Acronyms and Abbreviations 1272 HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing Contents Issue 02 2014 09 30 Huawei Proprietary and Confidential Copyright Huawei Tech...

Page 26: ...onfigured on a master device of an IPv4 network the master device effectively diagnoses a link fault improving the security of the IPv4 network 1 7 Configuring an IPv4 Direct Route to Respond to L3VE Interface Status Changes After a Delay This section describes how to configure an IPv4 direct route to respond to Layer 3 Virtual Ethernet L3VE interface status changes after a delay During traffic sw...

Page 27: ...ce from generating black hole routes and ensure that local cell site gateways CSGs can communicate configure the device to deactivate the IPv6 network segment route that corresponds to the Layer 3 virtual Ethernet L3VE sub interface of the secondary pseudo wire PW 1 14 Configuring AGGs to Load Balance RNC to CSG Traffic This section describes how to configure access aggregation gateways AGGs to lo...

Page 28: ...re within a specified address range Run the display ip routing table acl acl number acl name verbose command to check the routes filtered by a specified basic ACL Run the display ip routing table ip prefix ip prefix name verbose command to check the routes filtered by a specified IP prefix list Run the display ip routing table protocol protocol inactive verbose command to check the routes discover...

Page 29: ...pn instance vpn instance name verbose command to check detailed information about the IPv6 VPN routing table End 1 1 2 Displaying of the Routing Management Module You can use display commands of the routing management RM module to locate routing problems Context The display commands can be run in all views Procedure l Run the display rm interface interface type interface number command to check RM...

Page 30: ...detailed introduction of FRR see the HUAWEI NetEngine80E 40E Router Feature Description IP Route For detailed configuration of VPN IP FRR and VPN FRR see the HUAWEI NetEngine80E 40E Router Configuration Guide VPN FRR can provide backup for direct static and dynamic routes including OSPF IS IS and BGP routes of NE80E 40Es 1 2 Configuring IPv4 Multi Topology By configuring multi topology on an IPv4 ...

Page 31: ...network resources on a network Figure 1 1 Networking diagram of multi topology base topology greentopology red topology blue topology Pre configuration Tasks None Data Preparation To configure IPv4 multi topology you need the following data No Data 1 Name of the IPv4 topology instance 1 2 2 Creating an IPv4 Topology Instance By configuring IPv4 topology instances you can properly use network resou...

Page 32: ...aximum number of routes supported by a specified topology instance to prevent a device from importing too many routes By default the maximum number of routes supported by a topology instance is not set When a large number of routes exist on a device but only some important routes need to be imported for a topology instance you are recommended to run the routing table limit command to set the maxim...

Page 33: ... instance Prerequisites IPv4 multi topology has been configured Procedure l Run the display ip topology topology name verbose command to check IPv4 multi topology information l Run the display ip routing table topology topology name verbose command to check the routing table of IPv4 multi topology End Example Run the display ip topology topology name verbose command after configuring IPv4 multi to...

Page 34: ...links may be heavily congested while other links are relatively idle A solution to this problem is to divide a physical network into different logical topologies for different services Such a solution is called multi topology As shown in Figure 1 2 multi topology is configured on the network the base topology includes all devices on the network other topology instances such as the green topology r...

Page 35: ...s displayed Step 2 Run ipv6 topology topology name An IPv6 topology instance is created and the IPv6 topology view is displayed By default there are only base topology instances in the system Generally base is the name of a base topology instance and multicast is the name of a multicast topology instance A maximum of 32 IPv6 topology instances including 1 base topology instance 1 multicast topolog...

Page 36: ...6 topology instance needs to be bound Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface name The interface view is displayed Step 3 Run ipv6 topology topology name enable Multi topology is configured in the specified interface view and the specified interface is bound to the specified topology instance By default the interface is bound to t...

Page 37: ...lic network 1 4 1 Before You Start Before configuring public network IP FRR familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the data required for the configuration Applicable Environment Public network IP Fast Reroute FRR is applicable to the services that are sensitive to packet loss and delay on the public network Pre configuration Tasks Before config...

Page 38: ...description in Optional Configuring the If Match Clause If the matching condition is not set IP FRR backs up outbound interfaces and next hops for all routes in the routing table In this manner certain routes that do not need to be backed up are also configured with backup information Therefore you need to correctly set the relationship between routes to be backed up and backup routes Using the ma...

Page 39: ...tbound interfaces and backup next hops can take effect Only one route policy can be applied at a time If the ip frr command is run more than once the latest configuration overrides the previous one Step 3 Optional Enable the IP FRR poison reverse 1 Run interface interface type interface number sub interface number The interface or sub interface view is displayed The Eth Trunk interface view Eth Tr...

Page 40: ...d ip address2 in the routing table End Example Run the display ip routing table ip address verbose command to view the backup outbound interface and the backup next hop in the routing table An example command output is as follows HUAWEI display ip routing table 172 17 1 0 verbose Route Flags R relay D download to fib Routing Table Public Summary Count 1 Destination 172 17 1 0 24 Protocol OSPF Proc...

Page 41: ... forwarding information for IPv6 routes When the active link becomes faulty the system can switch the traffic immediately to the backup link This process is irrelevant to route convergence and therefore services can be recovered in a short period of time Pre configuration Tasks Before configuring IPv6 FRR on the public network complete the following tasks l Configuring static routes or an IGP to e...

Page 42: ...Run apply ipv6 backup interface interface type interface number The backup outbound interface is set Step 5 Run apply ipv6 backup nexthop ipv6 address The backup next hop is set End 1 5 3 Enabling Public Network IPv6 FRR Public network IPv6 FRR can be configured to switch traffic to a backup link when the active link becomes unavailable preventing long time service interruption Context Perform the...

Page 43: ...proxy ARP cannot be configured on one interface In the load balancing scenario poison reverse does not take effect End 1 5 4 Checking the Configurations After IPv6 FRR is configured you can view backup information about routes Prerequisites Public network IPv6 FRR has been configured Procedure l Run the display route policy route policy name command to check the route policy information l Run the ...

Page 44: ...AN users access the Internet at any time the VRRP provides reliability for LAN hosts On an IP RAN enabled with VRRP if a UPE recovers from a fault its interface connected to the RSG goes Up and generates a direct route allowing a traffic switchback As the UPE does not learn the RSG s MAC address the UPE fails to switch back some packets To help prevent the problem the direct route has to be genera...

Page 45: ...VRRP backup group is set up Routers in the VRRP backup group are prioritized The router with the highest priority functions as the master router and other routers function as backup routers l The master router transmits all services if it works properly l If the master router fails a backup router takes over services For detailed configurations of a VRRP backup group see the section VRRP Configura...

Page 46: ...of the routes are imported and advertised to the neighboring devices by OSPF IS IS and RIP it will bring a heavy load to some devices on the networks and affect the network performance In this situation you can use the vrrp virtual ip route advertise disable command to disable OSPF IS IS and RIP from advertising the routes generated by the virtual IP addresses in the VRRP backup group Step 4 Run v...

Page 47: ...rect route s cost increases by degrade cost cost lowering the direct route s priority The direct route will no longer be an optimal route l If the VRRP status becomes Master the direct route s cost is set to 0 allowing the direct route s priority to be the highest The direct route will be an optimal route End 1 6 4 Checking the Configurations After the VRRP for direct routes has been configured vi...

Page 48: ...delay During traffic switchback after an L3VE interface recovers this configuration can reduce traffic loss and improve network reliability Applicable Environment As shown in Figure 1 3 an Layer 2 Virtual Private Network L2VPN connection is set up between each access aggregation gateway AGG and the cell site gateway CSG through Layer 2 Virtual Ethernet L2VE interfaces while BGP VPNv4 peer relation...

Page 49: ...ct route between the CSG and AGG1 is modified to the configured cost In this case RSGs do not select routes advertised by AGG1 and downstream traffic still travels along Link B After the configured delay expires the cost of the direct route to the CSG is restored to the default value 0 Then RSGs select routes advertised by AGG1 and downstream traffic is switched over to Link A At this time AGG1 ha...

Page 50: ...de delay delay time degrade cost cost The direct route is configured to respond to L3VE interface status changes after a delay After you run the direct route degrade delay command on an L3VE interface and the L3VE interface goes from Down to Up the cost of the L3VE interface s direct route to the CSG is modified to the configured cost After the configured delay time expires the direct route cost i...

Page 51: ...ite gateways RSGs on an Layer 3 Virtual Private Network L3VPN L3VE interfaces are configured on AGGs and VPN instances are bound to the L3VE interfaces so that the CSG can access the L3VPN BGP is configured on AGGs to import direct routes between the CSG and AGGs These direct routes are converted to BGP VPNv6 routes and advertised to RSGs Figure 1 4 Networking of an IPv6 direct route responding to...

Page 52: ...layer protocol parameters and IPv6 addresses for interfaces to ensure that the link layer protocol of each interface is Up Data Preparation To configure an IPv6 direct route to respond to L3VE interface status changes after a delay you need the following data No Data 1 Cost of the L3VE interface s direct route to the CSG 2 Delay before the direct route cost is restored to the default value 0 Proce...

Page 53: ...After the configured delay time expires run the display ipv6 routing table vpn instance vpn instance name ipv6 address verbose command on the AGG The command output shows that the cost of the direct route to the L3VE interface is the default value 0 1 9 Configuring the Association Between the IPv4 Direct Route and PW Status This section describes how to configure the association between the IPv4 d...

Page 54: ...and AGG1 increases In this case RSGs do not preferentially select routes advertised by AGG1 and downstream traffic still travels along Link B After PW1 between the CSG and AGG1 becomes the primary PW the cost of the direct route between the CSG and AGG1 is restored to the default value 0 Then RSGs preferentially select routes advertised by AGG1 and downstream traffic is switched over to Link A At ...

Page 55: ...cost cost The association between the direct route and PW status is configured After you run the direct route track pw state command on a L3VE interface the system will adjust the cost of the direct route to the L3VE interface based on the PW status If the PW is standby the system modifies the direct route cost to the configured value cost If the PW is active the system restores the direct route c...

Page 56: ...L3VE interfaces so that the CSG can access the Layer 3 Virtual Private Network L3VPN BGP is configured on AGGs to import IPv6 direct routes between the CSG and AGGs These IPv6 direct routes are converted to BGP VPNv6 routes and advertised to RSGs Figure 1 6 Networking of the association between the IPv6 direct route and PW status AGG2 RSG2 AGG1 RSG1 RNC NodeB CSG L2VPN BGP MPLS IPv6 VPN Link A Lin...

Page 57: ...parameters and IP addresses for interfaces to ensure that the link layer protocol of each interface is Up Data Preparation To configure the association between the IPv6 direct route and PW status you need the following data No Data 1 Cost of the L3VE interface s direct route to the CSG Procedure Step 1 Run system view The system view is displayed Step 2 Run interface virtual ethernet interface num...

Page 58: ...t shows that the IPv6 direct route to the L3VE interface has the default cost 0 1 11 Configuring the Association Between the IPv4 Direct Routes and IPSec Instance Status The association between IPv4 direct routes and IP security IPSec instance status ensures that data encrypted using IPSec can be transmitted to the correct radio network controller site gateway RSG Usage Scenario In an IP radio acc...

Page 59: ...iguration you need the following data No Data 1 Cost for IPv4 direct routes generated on each IPSec tunnel interface Procedure Step 1 Run system view The system view is displayed Step 2 Run interface tunnel interface number A tunnel interface is created and the tunnel interface view is displayed Step 3 Run tunnel protocol ipsec The encapsulation protocol is set to IPSec on the tunnel interface Ste...

Page 60: ...tual private network L3VPN the system keeps the L3VE sub interface of the secondary PW Up This mechanism spares the L3VE sub interface from negotiation of the Up state during the primary secondary PW switchover reducing traffic loss and accelerating route convergence especially when many L3VE sub interfaces exist However when the L3VE sub interface is Up the system generates a network segment rout...

Page 61: ...ed on CSG2 The network segment route from AGG1 to CSG2 becomes a black hole route To address this problem deactivate the network segment route that corresponds to the L3VE sub interface of the secondary PW by running the direct route track pw state deactive standby command on the L3VE sub interface on AGG1 connecting to CSG2 When PW4 is the secondary PW AGG1 cannot generate the network segment rou...

Page 62: ...Step 1 Run system view The system view is displayed Step 2 Run interface virtual ethernet interface number A VE interface is created and the VE interface view is displayed Step 3 Run ve group ve group id l3 access The VE interface is configured as an L3VE interface and bound to a VE group NOTE The L2VPN can access the L3VPN only if the L2VE and L3VE interfaces are bound to the same VE group and re...

Page 63: ...oopBack0 After you configure the direct route track pw state deactive standby command on an L3VE sub interface of the secondary PW run the display ip routing table vpn instance command on the AGG The command output shows no IPv4 network segment route that corresponds to the L3VE sub interface of the secondary PW HUAWEI display ip routing table vpn instance vrf1 Route Flags R relay D download to fi...

Page 64: ... configured on the AGGs and VPN instances are bound to the L3VE sub interfaces so that the CSGs can access the L3VPN BGP is configured on the AGGs to import direct routes between the CSGs and AGGs These direct routes are converted to BGP VPNv6 routes and advertised to the RSGs Figure 1 8 Networking of L2VPN accessing the L3VPN RNC CSG1 NodeB NodeB AGG1 RSG1 CSG2 AGG2 RSG2 PW1 PW3 PW2 PW4 BGP MPLS ...

Page 65: ...tween CSG1 and CSG2 Pre configuration Tasks Before configuring a device to deactivate the IPv6 network segment route that corresponds to an L3VE sub interface configure link layer protocol parameters and IPv6 addresses for interfaces to ensure that the link layer protocol of each interface is Up Data Preparation None Procedure Step 1 Run system view The system view is displayed Step 2 Run interfac...

Page 66: ...TunnelID 0x0 Interface Virtual Ethernet1 0 1 1 Flags D Destination 2001 db8 1 1 PrefixLength 128 NextHop 1 Preference 0 Cost 0 Protocol Direct RelayNextHop TunnelID 0x0 Interface Virtual Ethernet1 0 1 1 Flags D Destination FE80 PrefixLength 10 NextHop Preference 0 Cost 0 Protocol Direct RelayNextHop TunnelID 0x0 Interface NULL0 Flags D After you configure the direct route ipv6 track pw state deact...

Page 67: ... network resource usage and reliability carriers expect that AGG1 transmits RNC to CSG1 and RNC to CSG2 traffic and that AGG2 transmits RNC to CSG3 and RNC to CSG4 traffic Figure 1 9 Networking for an L2VPN accessing an L3VPN NodeB NodeB NodeB NodeB RNC RSG1 RSG2 AGG2 AGG1 BGP MPLS IP VPN Primary PW Secondary PW L3VE Sub interface L2VE Sub interface CSG1 CSG2 CSG3 CSG4 To meet the preceding requir...

Page 68: ...imal route with a smaller MED value from the two routes Consequently RSGs select routes advertised by AGG1 as the primary routes to CSG1 and CSG2 and routes advertised by AGG2 as the primary routes to CSG3 and CSG4 The AGGs therefore load balance RNC to CSG traffic Pre configuration Tasks Before configuring AGGs to load balance RNC to CSG traffic configure link layer protocol parameters and IP add...

Page 69: ...d L3VE interfaces are bound to the same VE group and reside on the same board 3 Run quit Return to the system view 4 Run interface virtual ethernet interface number subinterface number A VE sub interface is created and the VE sub interface view is displayed 5 Run direct route cost cost A cost is configured for ARP Vlink direct routes and routes to the directly connected network segment on the L3VE...

Page 70: ... is the value configured using the direct route cost command plus that configured using the direct route track eth trunk command If the calculated cost is greater than the maximum value 4294967295 4294967295 takes effect l If both the direct route cost and direct route degrade delay commands are run and the L3VE sub interface goes from Down to Up the cost of routes to the directly connected networ...

Page 71: ...he device obtains information about the physical interfaces using IPv4 ARP and generates relevant routing entries The routes recorded by the routing entries are called IPv4 ARP Vlink direct routes In most cases IPv4 ARP Vlink direct routes are used only to guide local traffic forwarding and are not advertised In this manner the scale and stability of the routing table can be controlled In certain ...

Page 72: ...icy name and node ID 1 15 2 Enabling the Advertisement of IPv4 ARP Vlink Direct Routes IPv4 ARP Vlink direct routes can be imported to and advertised by a dynamic protocol only if advertising IPv4 ARP Vlink direct routes is enabled Advertising IPv4 ARP Vlink direct routes allows the remote device to precisely control traffic Context Before IPv4 ARP Vlink direct routes are advertised a route policy...

Page 73: ...f OSPF is used run the import route direct cost cost route policy route policy name tag tag type type command to import IPv4 ARP Vlink direct routes to OSPF l If IS IS is used run the import route direct cost type external internal cost cost tag tag route policy route policy name level 1 level 2 level 1 2 command to import IPv4 ARP Vlink direct routes to IS IS l If BGP is used run the import route...

Page 74: ...a VLANIF interface If packets reach a VLANIF interface the device obtains information about the physical interfaces using IPv6 NDP and generates relevant routing entries The routes recorded by the routing entries are called IPv6 NDP Vlink direct routes In most cases IPv6 NDP Vlink direct routes are used only to guide local traffic forwarding and are not advertised In this manner the scale and stab...

Page 75: ... data No Data 1 Optional Route policy name and node ID 1 16 2 Enabling the Advertisement of IPv6 NDP Vlink Direct Routes IPv6 NDP Vlink direct routes can be imported to dynamic routing protocols and advertised only if the function of advertising IPv6 NDP Vlink direct routes is enabled Advertising IPv6 NDP Vlink direct routes allows the remote device to precisely control traffic Context Before IPv6...

Page 76: ...used run the import route direct cost cost route policy route policy name command to import IPv6 NDP Vlink direct routes to RIPng l If OSPFv3 is used run the import route direct cost cost inherit cost route policy route policy name tag tag type type command to import IPv6 NDP Vlink direct routes to OSPFv3 l If IS IS is used run the import route direct cost type external internal cost cost tag tag ...

Page 77: ...clude configuring thresholds for the number of route prefixes on a device and configuring a limit on the number of public route prefixes 1 17 1 Configuring Thresholds for the Number of IPv4 Route Prefixes This section describes how to configure thresholds one alarm threshold and one clear alarm threshold for the number of IPv4 route prefixes on a device After the thresholds are configured an alarm...

Page 78: ...s for the Number of IPv6 Route Prefixes This section describes how to configure thresholds one alarm threshold and one clear alarm threshold for the number of IPv6 route prefixes on a device After the thresholds are configured an alarm is generated when the number of IPv6 route prefixes on the device exceeds the alarm threshold and the alarm is cleared when the number of IPv6 route prefixes falls ...

Page 79: ...efixes to improve system security and reliability Context If the router imports a large number of routes system performance may be affected when processing services because the routes consume a lot of system resources To improve system security and reliability configure a limit on the number of IPv4 public route prefixes When the number of IPv4 public route prefixes exceeds the limit an alarm is g...

Page 80: ... router relearns IPv4 public route prefixes l Direct and static routes can still be added to the IP routing table l The snmp agent trap enable feature name rm command must have been run so that alarms can be generated Step 3 Optional Run ip prefix limit log interval interval An interval is specified for the system to generate logs after the number of IPv4 public route prefixes exceeds the limit By...

Page 81: ...emains unchanged is determined by route unchanged l If you specify route unchanged in the command the routing table remains unchanged l If you do not specify route unchanged in the command the system deletes the routes from the routing table and re adds routes By default the system deletes the routes from the routing table and re adds routes NOTE After the number of IPv6 public route prefixes exce...

Page 82: ...ublic network IP FRR GE1 0 0 192 167 10 2 24 GE2 0 0 192 167 10 1 24 GE2 0 0 192 167 11 1 24 GE3 0 0 192 167 21 1 24 GE2 0 0 192 167 21 2 24 GE2 0 0 192 167 11 2 24 GE1 0 0 192 167 20 2 24 GE3 0 0 192 167 20 1 24 GE1 0 0 172 17 1 1 24 GE1 0 0 172 18 1 1 24 RouterA RouterB RouterT RouterC Link A Link B Configuration Roadmap The configuration roadmap is as follows 1 Enable basic OSPF functions on ea...

Page 83: ... 172 17 1 1 24 RouterT route policy ip_frr_rp permit node 10 RouterT route policy if match ip prefix frr1 RouterT route policy apply backup nexthop 192 167 20 2 RouterT route policy apply backup interface gigabitethernet3 0 0 RouterT route policy quit 5 Enable public network IP FRR RouterT ip frr route policy ip_frr_rp Check information about the backup outbound interface and backup next hop on Ro...

Page 84: ...0 interface GigabitEthernet3 0 0 ip address 192 167 20 1 255 255 255 0 ospf cost 100 interface GigabitEthernet1 0 0 ip address 172 18 1 1 255 255 255 0 ospf 1 area 0 0 0 0 network 192 167 10 0 0 0 0 255 network 192 167 20 0 0 0 0 255 area 0 0 0 1 network 172 18 1 0 0 0 0 255 ip ip prefix frr1 index 10 permit 172 17 1 0 24 route policy ip_frr_rp permit node 10 if match ip prefix frrl apply backup n...

Page 85: ... configured traffic can be switched to the backup link immediately after the active link becomes faulty Networking Requirements As networks develop services such as audio online video and finance have more requirements for real time transmission Generally both active and backup links are deployed to ensure service stability However in traditional forwarding modes link switchover depends on route c...

Page 86: ...nd interface and enable IPv6 FRR on the public network to allow link B to function as the backup link for link A Data Preparation To complete the configuration you need the following data l Router ID of Router T 1 1 1 1 router ID of Router A 2 2 2 2 router ID of Router B 3 3 3 3 and router ID of Router C 4 4 4 4 l Cost 100 of GE 2 0 0 on Router T and GE 1 0 0 on Router C l Name of the route policy...

Page 87: ...0 0 quit RouterB interface GigabitEthernet 2 0 0 RouterB GigabitEthernet2 0 0 ospfv3 1 area 0 RouterB GigabitEthernet2 0 0 quit Configure Router C RouterC system view RouterC ospfv3 1 RouterC ospfv3 1 router id 3 3 3 3 RouterC ospfv3 1 quit RouterC interface GigabitEthernet 1 0 0 RouterC GigabitEthernet1 0 0 ospfv3 1 area 0 RouterC GigabitEthernet1 0 0 quit RouterC interface GigabitEthernet 2 0 0 ...

Page 88: ...1 Label NULL Protocol OSPFv3 State Active Adv Cost 2 Entry ID 267337828 EntryFlags 0x80002100 Reference Cnt 2 Tag 1 Priority medium Age 2286sec IndirectID 0x0 RelayNextHop TunnelID 0x0 Interface GigabitEthernet1 0 0 Flags D BkNextHop 2001 db8 2001 2 BkInterface GigabitEthernet2 0 0 BkLabel NULL BkTunnelID 0x0 BkPETunnelID 0x0 BkIndirectID 0x0 Step 6 If IPv6 FRR is not required run the undo ipv6 fr...

Page 89: ... db8 2001 2 apply ipv6 backup interface GigabitEthernet2 0 0 ip ipv6 prefix frr1 index 10 permit 2001 db8 2 2 128 return l Configuration file of Router A sysname RouterA ipv6 ospfv3 1 router id 2 2 2 2 interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 2000 2 64 ospfv3 1 area 0 0 0 0 interface GigabitEthernet2 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 2002 1 6...

Page 90: ...e adjusts the direct route s cost based on the VRRP status This allows the master UPE to perform a traffic switchback if recovering from a fault Networking Requirements On the IP RAN shown in Figure 1 14 if UPE1 recovers from a fault its interface connected to the RSG goes Up and then a direct route is generated allowing a traffic switchback As UPE1 has not learned the RSG s MAC address UPE1 fails...

Page 91: ...rface IP Address CSG GE 1 0 0 20 1 1 1 24 UPE2 GE 1 0 0 20 1 2 2 24 GE 2 0 0 20 1 2 1 24 GE 2 0 0 20 1 3 2 24 Loopback0 1 1 1 1 32 Loopback0 3 3 3 3 32 UPE1 GE 1 0 0 20 1 1 2 24 RSG Loopback0 4 4 4 4 32 GE 2 0 0 20 1 3 1 24 Loopback0 2 2 2 2 32 Configuration Roadmap The configuration roadmap is as follows 1 Configure OSPF on the CSG UPE1 UPE2 and the RSG 2 Create backup group 1 on GE 2 0 0 of UPE1...

Page 92: ...e backup group 1 on UPE1 and set the priority level of UPE1 to 120 so that UPE1 functions as the master UPE1 system view UPE1 interface gigabitethernet 2 0 0 UPE1 GigabitEthernet2 0 0 vrrp vrid 1 virtual ip 20 1 3 111 UPE1 GigabitEthernet2 0 0 vrrp vrid 1 priority 120 UPE1 GigabitEthernet2 0 0 vrrp vrid 1 timer advertise 10 UPE1 GigabitEthernet2 0 0 quit Create backup group 1 on UPE2 and set the p...

Page 93: ...RRP backup group exists in the UPE2 s routing table The command output on UPE1 and UPE2 is as follows UPE1 display ip routing table Route Flags R relay D download to fib Routing Tables Public Destinations 10 Routes 11 Destination Mask Proto Pre Cost Flags NextHop Interface 20 1 1 0 24 Direct 0 0 D 20 1 1 2 GigabitEthernet1 0 0 20 1 1 2 32 Direct 0 0 D 127 0 0 1 GigabitEthernet1 0 0 20 1 2 0 24 OSP...

Page 94: ...E1 interface gigabitethernet 2 0 0 UPE1 GigabitEthernet2 0 0 shutdown UPE1 GigabitEthernet2 0 0 quit Run the display vrrp command on UPE2 You can view that the VRRP status is Master This indicates that after UPE1 fails UPE2 is able to become the master UPE2 display vrrp GigabitEthernet2 0 0 Virtual Router 1 State Master Virtual IP 20 1 3 111 Master IP 20 1 3 2 PriorityRun 100 PriorityConfig 100 Ma...

Page 95: ... 0 0 1 InLoopBack0 Step 7 Verify the configuration Wait 10 seconds for UPE1 to become the master run the display ip routing table command on UPE1 to view the routing information The cost of the direct route to 20 1 3 0 24 becomes 0 20 1 3 0 24 is the network segment where GE 2 0 0 resides UPE1 display ip routing table Route Flags R relay D download to fib Routing Tables Public Destinations 10 Rout...

Page 96: ...p vrid 1 virtual ip 20 1 3 111 vrrp vrid 1 priority 120 vrrp vrid 1 timer advertise 10 direct route track vrrp vrid 2 degrade cost 10203040 interface LoopBack0 ip address 2 2 2 2 255 255 255 255 ospf 1 area 0 0 0 0 network 20 1 1 0 0 0 0 255 network 20 1 3 0 0 0 0 255 return l Configuration file of UPE2 sysname UPE2 interface GigabitEthernet2 0 0 undo shutdown ip address 20 1 3 2 255 255 255 0 vrr...

Page 97: ...ned for the network segment of the VLAN can achieve this purpose When users outside the VLAN need to know the IPv4 ARP Vlink direct routes of the VLAN and apply different traffic policies to routes of the VLAN users advertising the routes destined for the network segment of the VLAN cannot meet this requirement In this case you can enable the function of IPv4 ARP Vlink direct route advertisement A...

Page 98: ...te policy to import routes only from Router B 6 Associate BGP with the route policy on Router C to filter out the network segment route of the VLAN so that Router D cannot learn the network segment route and can communicate with VLAN users only based on IPv4 ARP Vlink direct routes Data Preparation To complete the configuration you need the following data l ID of the VLAN in which Switch A and Rou...

Page 99: ... Configure Switch A HUAWEI system view HUAWEI sysname SwitchA SwitchA vlan 10 SwitchA vlan10 quit SwitchA interface GigabitEthernet 1 0 0 SwitchA GigabitEthernet1 0 0 portswitch SwitchA GigabitEthernet1 0 0 undo shutdown SwitchA GigabitEthernet1 0 0 port link type access SwitchA GigabitEthernet1 0 0 port default vlan 10 SwitchA GigabitEthernet1 0 0 quit SwitchA interface GigabitEthernet 2 0 0 Swit...

Page 100: ...rC bgp 100 RouterC bgp import route direct RouterC bgp quit Display the BGP routing table of Router C RouterC display bgp routing table BGP Local router ID is 3 3 3 3 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 9 Network NextHop MED LocPrf PrefVal Path Ogn 20 1 1 0 24 0 0 0 0 0 0 20 1 1 1 32 0 0 0 0 0 0 20 1 1 2 32...

Page 101: ...EGP incomplete Total Number of Routes 9 Network NextHop MED LocPrf PrefVal Path Ogn 20 1 1 0 24 0 0 0 0 0 0 20 1 1 1 32 0 0 0 0 0 0 20 1 1 2 32 0 0 0 0 0 0 20 1 1 3 32 0 0 0 0 0 0 20 1 1 4 32 0 0 0 0 0 0 20 2 1 0 24 0 0 0 0 0 0 20 2 1 1 32 0 0 0 0 0 0 127 0 0 0 0 0 0 0 0 0 127 0 0 1 32 0 0 0 0 0 0 Display the BGP routing table of Router D RouterD display bgp routing table BGP Local router ID is 4 ...

Page 102: ... Router B but cannot communicate with Router A End Configuration Files l Configuration file of Switch A sysname switchA vlan batch 10 interface Vlanif10 ip address 20 1 1 2 255 255 255 0 interface GigabitEthernet1 0 0 portswitch undo shutdown port link type access port default vlan 10 interface GigabitEthernet2 0 0 portswitch undo shutdown port link type access port default vlan 10 interface Gigab...

Page 103: ...ink type access port default vlan 10 interface GigabitEthernet2 0 0 undo shutdown ip address 20 2 1 1 255 255 255 0 bgp 100 router id 3 3 3 3 peer 20 2 1 2 as number 100 ipv4 family unicast undo synchronization import route direct peer 20 2 1 2 enable peer 20 2 1 2 route policy policy2 export route policy policy1 permit node 10 if match ip prefix prefix1 route policy policy2 permit node 10 if matc...

Page 104: ... with Router A You can enable the function of IPv6 NDP Vlink direct route advertisement on Router C and use a route policy to filter out the routes to the network segment of the VLAN and the route to Router A Figure 1 16 Networking diagram of importing IPv6 NDP Vlink direct routes to BGP4 VLANIF10 2001 db8 1 1 64 RouterC RouterD GE1 0 0 2001 db8 1 3 64 BGP RouterA RouterB VLANIF10 2001 db8 1 2 64 ...

Page 105: ... in this example Procedure Step 1 Configure an IP address for each interface Configure Router A HUAWEI system view HUAWEI sysname RouterA RouterA ipv6 RouterA interface GigabitEthernet 1 0 0 RouterA GigabitEthernet1 0 0 undo shutdown RouterA GigabitEthernet1 0 0 ipv6 enable RouterA GigabitEthernet1 0 0 ipv6 address 2001 db8 1 3 64 RouterA GigabitEthernet1 0 0 quit Configure Router B HUAWEI system ...

Page 106: ...Ethernet 3 0 0 SwitchA GigabitEthernet3 0 0 portswitch SwitchA GigabitEthernet3 0 0 undo shutdown SwitchA GigabitEthernet3 0 0 port link type access SwitchA GigabitEthernet3 0 0 port default vlan 10 SwitchA GigabitEthernet3 0 0 quit SwitchA interface Vlanif 10 SwitchA Vlanif10 ipv6 enable SwitchA Vlanif10 ipv6 address 2001 db8 1 2 64 SwitchA Vlanif10 quit Configure Router C HUAWEI system view HUAW...

Page 107: ...001 db8 2 1 4 100 64 59 0 00 52 15 Established 0 Step 4 Configure BGP4 on Router C and import direct routes to BGP4 Then view the routing tables of Routers C and D Configure Router C RouterC bgp 100 RouterC bgp ipv6 family unicast RouterC bgp af ipv6 import route direct RouterC bgp af ipv6 quit RouterC bgp quit Display the BGP4 routing table of Router C RouterC display bgp ipv6 routing table BGP L...

Page 108: ... FE4F 8100 PrefixLen 128 NextHop LocPrf MED 0 PrefVal 0 Label Path Ogn Network FE80 2E0 9BFF FE7E 7800 PrefixLen 128 NextHop LocPrf MED 0 PrefVal 0 Label Path Ogn Display the BGP4 routing table of Router D RouterD display bgp ipv6 routing table BGP Local router ID is 2 2 2 2 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Rou...

Page 109: ... Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 12 Network 1 PrefixLen 128 NextHop LocPrf MED 0 PrefVal 0 Label Path Ogn Network 2001 db8 1 PrefixLen 64 NextHop LocPrf MED 0 PrefVal 0 Label Path Ogn Network 2001 db8 1 1 PrefixLen 128 NextHop LocPrf MED 0 PrefVal 0 Label Path Ogn Network 2001 db8 1 2 PrefixLen 128 Next...

Page 110: ...k 2001 db8 2 PrefixLen 64 NextHop 2001 db8 2 1 LocPrf 100 MED 0 PrefVal 0 Label Path Ogn You can see that Router D has learned the IPv6 NDP Vlink direct route 2001 db8 1 4 128 whereas the route 2001 db8 1 3 128 has been filtered out Step 6 Use the route policy policy2 to filter out the network segment route 2001 db8 1 64 on Router C when BGP4 routes are advertised Configure Router C RouterC ip ipv...

Page 111: ...As a result Router D can communicate with Router B but cannot communicate with Router A End Configuration Files l Configuration file of Switch A sysname switchA ipv6 vlan batch 10 interface Vlanif10 ipv6 enable ipv6 address 2001 db8 1 2 64 interface GigabitEthernet1 0 0 portswitch undo shutdown port link type access port default vlan 10 interface GigabitEthernet2 0 0 portswitch undo shutdown port ...

Page 112: ...portswitch undo shutdown port link type access port default vlan 10 interface GigabitEthernet2 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 2 1 64 bgp 100 router id 1 1 1 1 peer 2001 db8 2 2 as number 100 ipv4 family unicast undo synchronization ipv6 family unicast undo synchronization import route direct peer 2001 db8 2 2 enable peer 2001 db8 2 2 route policy policy2 export route policy po...

Page 113: ...uter D sysname RouterD ipv6 interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 2 2 64 bgp 100 router id 2 2 2 2 peer 2001 db8 2 1 as number 100 ipv4 family unicast undo synchronization ipv6 family unicast undo synchronization peer 2001 db8 2 1 enable return HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 1 IP Routing Basic Configuration Issue 02 2014 09 30...

Page 114: ...ergence and improve network reliability 2 6 Configuring NQA for IPv4 Static Routes On an IPv4 network if Bidirectional Forwarding Detection BFD for static IPv4 routes on the public network cannot be configured because one of the communicating devices does not support BFD Network Quality Analysis NQA for static IPv4 routes can be configured to detect faults in links An NQA test instance is used to ...

Page 115: ...routes to inherit the costs of iterated routes and associate the priority of IPv6 static routes with link status to improve network reliability 2 10 Configuration Examples Static route configuration examples explain networking requirements networking diagrams configuration notes configuration roadmap and configuration procedures HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 2 IP St...

Page 116: ...destination address of an IPv4 packet fails to match any entry in the routing table the router uses the IPv4 default route to forward the IPv4 packet The NE80E 40E supports ordinary static routes and the static routes associated with VPN instances The static routes associated with VPN instances are used to manage VPN routes For details of VPN instances see the HUAWEI NetEngine80E 40E Router Featur...

Page 117: ... BFD reports the fault to the RM module and then the RM module sets the route to inactive Subsequently the route becomes unavailable and is deleted from the routing table l When a BFD session is established on the link of a static route the link changes from Down to Up BFD reports the success to the RM module and then the RM module sets the route to active Subsequently the route becomes available ...

Page 118: ...s manner it is unnecessary to modify the router configuration if the remote address changes When specifying the outbound interface note the following For a Point to Point P2P interface the next hop address is specified after the outbound interface is specified That is the address of the remote interface interface on the peer device connected to this interface is the next hop address Non Broadcast ...

Page 119: ...interface or next hop IPv4 address 3 Preference of the IPv4 static route 2 2 2 Configuring an IPv4 Static Route on the Public Network When configuring an IPv4 static route configure its destination address outbound interface and next hop Context Perform the following steps on the router to be configured with a static route Procedure Step 1 Run system view The system view is displayed Step 2 Run ip...

Page 120: ...iguring Static Route Selection Based on Relay Depth After static route selection based on relay depths is configured the static route module selects the static route with the smallest relay depth as the active route and delivers it to the FIB table The other routes become inactive Context After static routes are configured multiple static routes with the same prefix and preference but different re...

Page 121: ...rtisement of static routes is configured static routes always take effect regardless of the outbound interface status In this case the system forwards ping packets along a specified path only which helps detect the link status of the specified path Perform the following steps on the router where IPv4 static routes need to be configured Procedure Step 1 Run system view The system view is displayed ...

Page 122: ...sk length nexthop address interface type interface number nexthop address preference preference tag tag description text Static IPv4 routes are configured in another topology instance By default no static IPv4 routes are configured in a topology instance End 2 2 7 Checking the Configurations After an IPv4 static route is configured you can check detailed information about the configured IPv4 stati...

Page 123: ... route you need the following data No Data 1 Destination address and mask 2 Outbound interface or next hop IPv6 address 3 Preference of the IPv6 static route 2 3 2 Configuring an IPv6 Static Route on the Public Network When configuring an IPv6 static route you need to correctly configure its destination address outbound interface and next hop Context Perform the following steps on the router to be...

Page 124: ...The default preference of IPv6 static routes is set By default the preference of IPv6 static routes is 60 When an IPv6 static route is configured the default preference is used if the preference of the static route is not explicitly specified After the default preference is specified the default preference is valid for subsequent rather than existing IPv6 static routes End 2 3 4 Configuring Static...

Page 125: ...e is configured you can check detailed information about the configured route Prerequisites An IPv6 static route has been configured Procedure l Run the display ipv6 routing table command to check brief information about the IPv6 routing table l Run the display ipv6 routing table verbose command to check detailed information about the IPv6 routing table End 2 4 Configuring BFD for IPv4 Static Rout...

Page 126: ...ure BFD for IPv4 static routes on the public network you need the following data No Data 1 Destination address and mask 2 Outbound interface or next hop IPv4 address 3 IP address of the peer detected by BFD 4 Local discriminator and remote discriminator of a BFD session 2 4 2 Configuring an IPv4 static route When configuring an IPv4 static route configure its destination address outbound interface...

Page 127: ...ness The BFD session cannot be established if incorrect peer IP address or source IP address is bound l When the IP address of the peer and the local interface are both specified a single hop link is monitored BFD monitors the route with the outbound interface specified and peer ip as the next hop IP address specified When only the IP address of the peer is specified multi hop routes are monitored...

Page 128: ...e static route resides on the same link as the BFD session Context Perform the following steps on the router to bind a static route to a BFD session Procedure Step 1 Run system view The system view is displayed Step 2 Run ip route static ip address mask mask length nexthop address interface type interface number nexthop address preference preference tag tag track bfd session bfd name description t...

Page 129: ...rio complete the pre configuration tasks and obtain the data required the configuration Applicable Environment IPv6 BFD can rapidly detect IPv6 forwarding failures ensuring QoS for voice video and other video on demand VoD services on an IPv6 network With IPv6 BFD service providers can provide voice over IP VoIP and other real time services with high availability and scalability By binding IPv6 st...

Page 130: ...v6 static route is configured When configuring a static route you need to specify either the outbound interface or the next hop address according to the actual situation If the outbound interface is a Point to Point P2P interface you can simply specify the outbound interface If the outbound interface is a non P2P interface you must also specify the next hop address in addition to specifying the ou...

Page 131: ...riminator local discr value The local discriminator is configured l Run discriminator remote discr value The remote discriminator is configured NOTE The local discriminator of the local device corresponds to the remote discriminator of the remote device and the remote discriminator of the local device corresponds to the local discriminator of the remote device The local discriminator of the local ...

Page 132: ...tor discr value verbose slot slot id command to check BFD session information l Run the display current configuration include bfd command to check the configuration of BFD for static routes You can view BFD session information only after BFD session parameters are set and a BFD session is established If BFD session negotiation succeeds you can view that the status of the BFD session is Up You can ...

Page 133: ...outing protocols cannot be deployed As a result no IGP convergence occurs In these situations NQA for static IPv4 routes can be configured to detect link faults It can be used to detect faults in links where Layer 2 devices reside and take effect even if only one of the two communicating devices supports NQA If a fault occurs an NQA test instance can immediately detect the fault and instruct the s...

Page 134: ...cks whether a route from the NQA client to the destination is reachable The ICMP NQA test performs a function similar to the ping command but provides more detailed output l By default the output contains the five most recent tests l The test result contains information including the average delay packet loss ratio and time when the last packet was correctly received The minimum interval at which ...

Page 135: ...a static IPv4 route is associated with an NQA test instance NQA tests the link status periodically After NQA detects a fault in the link related to the associated static route the static route is deleted and traffic diverts to another path Context On a network with a simple topology configuring static routes is usually adequate enough to ensure the network is able to operate correctly Static route...

Page 136: ...tions for static IPv4 routes have been configured NOTE NQA test results cannot be displayed automatically on the terminal To check NQA test results run the display nqa results command By default the command output shows the results of the five most recent tests Procedure Step 1 Run the display current configuration include nqa command to check NQA configurations for static IPv4 routes Step 2 Run t...

Page 137: ...and is configured for an NQA test instance testflag is active is displayed If the frequency interval command is not configured for an NQA test instance the NQA test is performed only once and testflag is inactive is displayed 2 7 Configuring NQA for IPv6 Static Routes On an IPv6 network if interconnected devices do not support BFD BFD for IPv6 static routes cannot be configured You can configure n...

Page 138: ... 4 IPv6 address or outbound interface for the static route next hop 2 7 2 Configuring an ICMP NQA Test Instance NQA is an effective tool for diagnosing and locating network faults Context NQA measures the performance of different protocols running on a network With NQA carriers can collect the operation indexes of networks in real time for example total delay of Hypertext Transfer Protocol HTTP de...

Page 139: ...p 2 Run nqa test instance admin name test name An NQA test instance is created and the test instance view is displayed Step 3 Run test type icmp The test type is set to ICMP Step 4 Run destination address ipv6 ipv6 address The destination address is set In an NQA test instance you can specify an NQA server by running the destination address command to specify a destination address for an NQA test ...

Page 140: ...configuring static routes allows the network to work properly When the router fails to set up a route by using the dynamic routing protocol you can configure a static route Unlike dynamic routing protocols static routes do not have a dedicated detection mechanism Static routes cannot detect faults on the network which probably causes traffic loss NQA for IPv6 static routes enables a static route t...

Page 141: ...display nqa results test instance admin name test name command to check the NQA test result End Example After configurations are complete run the display current configuration include nqa command in the system view to check whether a static IPv6 route is associated with the NQA test instance An example command output is as follows HUAWEI display current configuration include nqa ipv6 route static ...

Page 142: ...Private Network L3VPN In such a scenario the direct route cost is usually controlled by Configuring an IPv4 direct route to respond to L3VE interface status changes after a delay or by Configuring the association between the IPv4 direct route and PW status This will reduce downstream traffic loss during the traffic switchback after the primary pseudo wire PW recovers However on the network shown i...

Page 143: ...s static routes to RSGs RSGs do not preferentially select these routes and downstream traffic still travels along Link B l If PW1 becomes active the direct route between AGG1 and the CSG has the default cost 0 Because the static routes on AGG1 inherit the direct route cost the static routes also have the cost value 0 In this case after AGG1 advertises static routes to RSGs RSGs select these routes...

Page 144: ...o iterate the static route only to ARP Vlink routes If the primary PW fails the master AGG deletes its ARP Vlink route Without the ARP Vlink route the static route cannot be iterated Therefore the master AGG deletes the static route as well Then RSGs select the routes advertised by the backup AGG and forwards RNC to NodeB traffic through the backup AGG End Checking the Configurations After the con...

Page 145: ...esses of the base stations yet and the primary PW is unavailable so packets are dropped during the traffic switchback Figure 2 2 Networking of configuring IPv6 static routes to inherit costs of iterated routes AGG2 RSG2 AGG1 RSG1 RNC CSG L2VPN BGP MPLS IPv6 VPN Link A Link B PW1 PW2 PW NodeB NodeB NodeB Loopback0 1 1 128 Loopback0 1 2 128 Loopback0 1 3 128 To solve this problem you can configure I...

Page 146: ...e is configured to inherit the iterated route cost vpn source name specifies the VPN instance that is bound to the Layer 3 Virtual Ethernet L3VE interface nexthop address specifies the IP address of NodeB interface connected to the AGG NOTE In an IP RAN scenario you can configure IPv6 static routes to inherit iterated route costs after Configuring an IPv6 direct route to respond to L3VE interface ...

Page 147: ... 1 2 1 24 POS2 0 0 1 1 4 5 30 POS1 0 0 1 1 4 6 30 GE2 0 0 1 1 3 1 24 PC2 PC3 1 1 1 2 24 1 1 2 2 24 1 1 3 2 24 Because dynamic routing protocols cannot be configured on PC1 PC2 and PC3 in Figure 2 3 so we configure static routes on the routers in this example Configuration Roadmap The configuration roadmap is as follows 1 Configure an IPv4 address for each interface on each router for interworking ...

Page 148: ...Step 4 Verify the configuration Check the IP routing table of Router A RouterA display ip routing table Route Flags R relay D download to fib Routing Tables Public Destinations 7 Routes 7 Destination Mask Proto Pre Cost Flags NextHop Interface 0 0 0 0 0 Static 60 0 RD 1 1 4 2 Pos1 0 0 1 1 1 0 24 Direct 0 0 D 1 1 1 1 GigabitEthernet2 0 0 1 1 1 1 32 Direct 0 0 D 127 0 0 1 GigabitEthernet2 0 0 1 1 4 ...

Page 149: ...1 1 4 2 return l Configuration file of Router B sysname RouterB interface GigabitEthernet3 0 0 ip address 1 1 2 1 255 255 255 0 interface Pos1 0 0 link protocol ppp ip address 1 1 4 2 255 255 255 252 interface Pos2 0 0 link protocol ppp ip address 1 1 4 5 255 255 255 252 ip route static 1 1 1 0 255 255 255 0 1 1 4 1 ip route static 1 1 3 0 255 255 255 0 1 1 4 6 return l Configuration file of Route...

Page 150: ...n PC1 PC2 and PC3 in Figure 2 4 so we configure static routes on the routers in this example Addresses of POS interfaces on the routers are IPv6 link local addresses Configuration Roadmap The configuration roadmap is as follows 1 Configure an IPv6 address for each GE interface on each router for interworking 2 Configure an IPv6 static route and a default route to the destination address on each ro...

Page 151: ...tatic 0 pos 1 0 0 Step 3 Configure host addresses and gateways Configure IPv6 addresses for hosts according to the networking diagram and set default gateway addresses of PC1 PC2 and PC3 to 2001 db8 1 1 2001 db8 2 1 and 2001 db8 3 1 respectively Step 4 Verify the configuration Check the IPv6 routing table of Router A RouterA display ipv6 routing table Routing Table Public Destinations 5 Routes 5 D...

Page 152: ... Sequence 5 hop limit 254 time 63 ms 2001 db8 3 1 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 62 62 63 ms Run the tracert command on Router A to verify the connectivity RouterA tracert ipv6 2001 db8 3 1 traceroute to 2001 db8 3 1 30 hops max 60 bytes packet 1 FE80 E0 FCD5 86D4 401 11 ms 3 ms 4 ms 2 2001 db8 3 1 4 ms 3 ms 3 ms End Configuration...

Page 153: ... for IPv4 Static Routes To improve network reliability you can configure BFD for static route to rapidly detect link faults and speed up route convergence Networking Requirements As shown in Figure 2 5 l Router A is connected to Router B through Switch C l It is required that Router A can communicate with other routers and the network l a BFD session is configured between Router A and Router B to ...

Page 154: ...ep 1 Configure an IP address for each interface The configuration details are not described here Step 2 Configure a BFD session between Router A and Router B On Router A configure a BFD session with Router B RouterA system view RouterA bfd RouterA bfd quit RouterA bfd aa bind peer ip 1 1 1 2 RouterA bfd session aa discriminator local 10 RouterA bfd session aa discriminator remote 20 RouterA bfd se...

Page 155: ...0 Static 60 0 RD 1 1 1 2 GigabitEthernet1 0 0 1 1 1 0 24 Direct 0 0 D 1 1 1 1 GigabitEthernet1 0 0 1 1 1 1 32 Direct 0 0 D 127 0 0 1 GigabitEthernet1 0 0 Run the shutdown command on GE 1 0 0 of Router B to simulate a link fault RouterB interface GigabitEthernet 1 0 0 RouterB GigabitEthernet1 0 0 shutdown Check the IP routing table of Router A The command output shows that default route 0 0 0 0 0 d...

Page 156: ...rk reliability you can configure BFD for IPv6 static route to rapidly detect link faults and speed up route convergence Networking Requirements As shown in Figure 2 6 l Router A is connected to Router B through Switch C l It is required that Router A can communicate with other routers and the network l a BFD session is configured between Router A and Router B to detect the link between the two dev...

Page 157: ...erface The configuration details are not described here Step 2 Configure a BFD session between Router A and Router B On Router A configure a BFD session with Router B RouterA system view RouterA bfd RouterA bfd quit RouterA bfd aa bind peer ipv6 2001 db8 1 2 RouterA bfd session aa discriminator local 10 RouterA bfd session aa discriminator remote 20 RouterA bfd session aa commit RouterA bfd sessio...

Page 158: ...otocol Static RelayNextHop TunnelID 0x0 Interface GigabitEthernet 1 0 0 Flags RD Destination 1 PrefixLength 128 NextHop 1 Preference 0 Cost 0 Protocol Direct RelayNextHop TunnelID 0x0 Interface InLoopBack0 Flags D Destination 2001 db8 1 PrefixLength 64 NextHop 2001 db8 1 1 Preference 0 Cost 0 Protocol Direct RelayNextHop TunnelID 0x0 Interface GigabitEthernet 1 0 0 Flags D Destination 2001 db8 1 1...

Page 159: ...gabitEthernet 1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 1 1 64 bfd aa bind peer ipv6 2001 db8 1 2 discriminator local 10 discriminator remote 20 commit ipv6 route static 0 2001 db8 1 2 track bfd session aa return l Configuration file of Router B sysname RouterB ipv6 bfd interface GigabitEthernet 1 0 0 undo shutdown shutdown ipv6 enable ipv6 address 2001 db8 1 2 64 interface Pos2 0 0 li...

Page 160: ...n the administrator delays the link switchover which is likely to interrupt services for a comparatively long time BFD for static routes can be deployed to monitor the status of a link but it requires that both ends of the link support BFD If either end of the link does not support BFD you can configure NQA for static IPv4 routes to monitor the link status On the IP MAN shown in Figure 2 7 redunda...

Page 161: ... is similar on Router A Router B and Router C Configuration Roadmap The configuration roadmap is as follows 1 Establish an ICMP NQA test instance for the NQA client Router B and the tested device Switch A to test whether the active link of Router B Switch A works properly 2 Configure static routes on Router B and Router C and associate the static route on Router B with the NQA test instance If the...

Page 162: ...th an NQA test instance RouterB ip route static 172 16 7 0 255 255 255 0 GigabitEthernet 1 0 0 172 16 1 2 track nqa aa bb Configure a static route on Router C RouterC ip route static 172 16 7 0 255 255 255 0 GigabitEthernet 3 0 0 172 16 6 2 Step 4 Configure a dynamic routing protocol on Router A Router B and Router C This example uses OSPF For detailed instructions on configuring OSPF see 5 OSPF C...

Page 163: ...t ratio 0 is displayed indicating that the link works properly Check the routing table on Router B The routing table contains this static route RouterB display ip routing table Route Flags R relay D download to fib Routing Tables Public Destinations 13 Routes 13 Destination Mask Proto Pre Cost Flags NextHop Interface 127 0 0 0 8 Direct 0 0 D 127 0 0 1 InLoopBack0 127 0 0 1 32 Direct 0 0 D 127 0 0 ...

Page 164: ...thernet1 0 0 shutdown RouterB GigabitEthernet1 0 0 quit Check the NQA test results RouterB display nqa results test instance aa bb NQA entry aa bb testflag is active testtype is icmp 1 Test 2086 result The test is finished Send operation times 1 Receive response times 0 Completion failed RTD OverThresholds number 0 Attempts number 1 Drop operation number 1 Disconnect operation number 0 Operation t...

Page 165: ... 16 3 1 32 Direct 0 0 D 127 0 0 1 GigabitEthernet1 0 0 172 16 3 2 32 Direct 0 0 D 172 16 3 2 GigabitEthernet1 0 0 172 16 4 0 24 Direct 0 0 D 172 16 4 1 GigabitEthernet2 0 0 172 16 4 1 32 Direct 0 0 D 127 0 0 1 GigabitEthernet2 0 0 172 16 4 2 32 Direct 0 0 D 172 16 4 2 GigabitEthernet2 0 0 172 16 7 0 24 O_ASE 150 20 D 172 16 4 2 GigabitEthernet2 0 0 Because the static route is associated with the N...

Page 166: ... 0 0 0 0 network 172 16 3 0 0 0 0 255 ip route static 172 16 7 0 255 255 255 0 GigabitEthernet1 0 0 172 16 1 2 track nqa aa bb nqa test instance aa bb test type icmp destination address ipv4 172 16 1 2 frequency 3 probe count 1 start now return l Configuration file of Router C sysname RouterC router id 3 3 3 3 interface GigabitEthernet1 0 0 undo shutdown ip address 172 16 2 1 255 255 255 0 interfa...

Page 167: ...time BFD for static routes is adaptable to link changes but both ends of the link must support BFD If either end of the link does not support BFD you can configure NQA for IPv6 static routes When an NQA test instance detects a link fault the static route associated with the NQA test instance will be deleted from the IP routing table and the traffic is switched to a normal route to prevent long tim...

Page 168: ...ations on Router A Router B and Router C are the same Configuration Roadmap The configuration roadmap is as follows 1 Configure an ICMP NQA test instance on the NQA client Router B to test whether the active link Router B Switch A runs properly 2 Configure static routes on Router B and Router C and associate the static route of Router B with the configured NQA test instance When a fault is detecte...

Page 169: ...Configure IPv6 static routes Configure a static IPv6 route on Router B and associate the static route with the configured NQA test instance RouterB ipv6 route static 2001 db8 7 64 GigabitEthernet 1 0 0 FE80 1 1 track nqa admin1 test1 Configure a static route on Router C RouterC ipv6 route static 2001 db8 7 64 GigabitEthernet 3 0 0 FE80 2 2 NOTE The next hop address of the static IPv6 route configu...

Page 170: ...r 0 Operation sequence errors number 0 RTT Status errors number 0 Destination ip address 2001 db8 3 2 Min Max Average Completion Time 40 40 40 Sum Square Sum Completion Time 40 1600 Last Good Probe Time 2012 01 07 11 42 46 4 Lost packet ratio 0 The command output shows Lost packet ratio 0 indicating that the link status is normal Display the routing table of Router B The static route exists in the...

Page 171: ...router A RouterB display ipv6 routing table 2001 db8 7 Routing Table Summary Count 1 Destination 2001 db8 7 PrefixLength 64 NextHop FE80 9574 0 DA4F 1 Preference 150 Cost 20 Protocol OSPFv3ASE RelayNextHop TunnelID 0x0 Interface GigabitEthernet 2 0 0 Flags D Display the routing table of Router A RouterA display ipv6 routing table 2001 db8 7 Routing Table Summary Count 1 Destination 2001 db8 7 Pref...

Page 172: ...8 3 1 64 interface GigabitEthernet2 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 1 2 64 ospfv3 1 area 0 0 0 0 interface GigabitEthernet3 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 5 1 64 ipv6 route static 2001 db8 7 64 GigabitEthernet1 0 0 FE80 1 1 track nqa admin1 test1 nqa test instance admin1 test1 test type icmp destination address ipv6 2001 db8 3 2 frequency 3 probe count 1 st...

Page 173: ...arded along a specified path you can detect links of the forwarding path by pinging the destination addresses of static routes In this manner you can monitor services at a very low cost As shown in Figure 2 9 EBGP peer relationships are established between Router A and Router B and between Router A and Router C by using static routes There are two links Link A and Link B between Router A and Route...

Page 174: ... is the address of Loopback0 on Router B and outbound interface is POS 1 0 0 on Router A 4 On Router A configure permanent advertisement of the static route to the address of Loopback0 on Router B In this manner when POS 1 0 0 on Router A becomes faulty the static route to the address of Loopback0 on Router B still takes effect Data Preparation To complete the configuration you need the following ...

Page 175: ...t 0 0 D 127 0 0 1 Pos1 0 0 30 1 1 0 24 Direct 0 0 D 30 1 1 2 Pos2 0 0 30 1 1 1 32 Direct 0 0 D 30 1 1 1 Pos2 0 0 30 1 1 2 32 Direct 0 0 D 127 0 0 1 Pos2 0 0 127 0 0 0 8 Direct 0 0 D 127 0 0 1 InLoopBack0 127 0 0 1 32 Direct 0 0 D 127 0 0 1 InLoopBack0 The preceding display shows that Router C has learned the OSPF route to 2 2 2 2 32 Step 3 Configure EBGP connections and establish EBGP peer relatio...

Page 176: ... D 20 1 1 2 Pos2 0 0 127 0 0 0 8 Direct 0 0 D 127 0 0 1 InLoopBack0 127 0 0 1 32 Direct 0 0 D 127 0 0 1 InLoopBack0 The preceding display shows that Router A has learned the BGP route to 2 2 2 2 32 Step 4 On Router A configure a static route whose destination address is 2 2 2 2 32 and outbound interface is POS 1 0 0 RouterA ip route static 2 2 2 2 32 pos1 0 0 40 1 1 2 After the preceding configura...

Page 177: ... the routing table of Router A RouterA display ip routing table Route Flags R relay D download to fib Routing Tables Public Destinations 8 Routes 8 Destination Mask Proto Pre Cost Flags NextHop Interface 1 1 1 1 32 Direct 0 0 D 127 0 0 1 LoopBack0 2 2 2 2 32 Static 60 0 D 40 1 1 2 Pos1 0 0 20 1 1 0 24 Direct 0 0 D 20 1 1 1 Pos2 0 0 20 1 1 1 32 Direct 0 0 D 127 0 0 1 Pos1 0 0 20 1 1 2 32 Direct 0 0...

Page 178: ...1 2 as number 200 ipv4 family unicast undo synchronization peer 40 1 1 2 enable peer 20 1 1 2 enable ip route static 2 2 2 2 255 255 255 255 Pos1 0 0 40 1 1 2 permanent return l Configuration file of Router B sysname RouterB interface Pos1 0 0 link protocol ppp ip address 40 1 1 2 255 255 255 0 interface Pos2 0 0 link protocol ppp ip address 30 1 1 1 255 255 255 0 interface LoopBack0 ip address 2 ...

Page 179: ...255 bgp 200 peer 20 1 1 1 as number 100 ipv4 family unicast undo synchronization network 20 1 1 0 255 255 255 0 import route ospf 1 peer 20 1 1 1 enable ospf 1 import route direct area 0 0 0 0 network 20 1 1 0 0 0 0 255 network 30 1 1 0 0 0 0 255 return HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 2 IP Static Route Configuration Issue 02 2014 09 30 Huawei Proprietary and Confident...

Page 180: ...l routes to enrich routing information 3 5 Controlling the Advertising of RIP Routing Information To meet the requirements of complex networks accurately controlling the advertising of RIP routing information is essential 3 6 Controlling the Receiving of RIP Routing Information To meet the requirements of complex networks accurately controlling the receiving of RIP routing information is essential...

Page 181: ...c BFD for RIP is a mode to implement the BFD function 3 12 Configuring the Network Management Function in RIP By binding RIP to MIBs you can view and configure RIP through the NMS 3 13 Maintaining RIP This section describes how to reset RIP connections and clear RIP information 3 14 Configuration Examples In actual networking RIP versions and whether to import external routes will affect which rou...

Page 182: ...able to large scale networks To improve network performance and prevent routing loops RIP supports both split horizon and poison reverse l Split horizon is a method of preventing routing loops in a network and reducing bandwidth consumption The basic principle is simple Information about the routing for a particular packet is never sent back in the direction from which it was received l Poison rev...

Page 183: ...ement RIP features configure basic RIP functions including enabling RIP specifying the network segment in which RIP runs and setting the RIP version 3 2 1 Before You Start Before configuring basic RIP functions familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Appli...

Page 184: ...s feature allows a set of interfaces to be associated with a specific RIP process and an interface can be associated with only one RIP process This ensures that the specific RIP process performs all the protocol operations only on this set of interfaces Therefore multiple RIP processes can work on a single router and each process is responsible for a unique set of interfaces In addition the routin...

Page 185: ...d in the specified network segment network address specifies the address of a natural network segment NOTE An interface can be associated with only one RIP process If any network segment in which an interface configured with multiple sub interface IP addresses resides is associated with a RIP process the interface cannot be associated with any other RIP processes End 3 2 4 Configuring RIP Version ...

Page 186: ... precedence over the global RIP version The RIP 1 protocol poses a security risk and therefore the RIP 2 protocol is recommended End 3 2 5 Checking the Configurations After basic RIP functions are successfully configured you can view the current running status configuration and routing information of RIP Prerequisites Basic RIP functions has been configured Procedure l Run display rip process id v...

Page 187: ...6 Private VPN instance name VPN Instance 1 RIP process 2 RIP version 1 Preference 100 Checkzero Enabled Default cost 0 Summary Enabled Host route Enabled Maximum number of balanced paths 32 Update time 30 sec Age time 180 sec Garbage collect time 120 sec Graceful restart Disabled BFD Disabled Silent interfaces None Default route Disabled Verify source Enabled Networks 192 4 5 0 Configured peers No...

Page 188: ...ast and P2P Interfaces Enabled For NBMA Interfaces Disabled Packet Transmit Interval 200 msecs Packet Transmit Number 50 RIP Protocol Version RIPv1 Compatible Non Standard Run the display rip process id statistics interface all interface type interface number verbose neighbor neighbor ip address command and you can view statistics about the specified RIP interface HUAWEI display rip 1 statistics i...

Page 189: ... equal cost routes Pre configuration Tasks Before configuring RIP route attributes complete the following tasks l Configuring IP addresses for interfaces to ensure that neighboring nodes are reachable at the network layer l Configuring Basic RIP Functions Data Preparation To configure RIP route attributes you need the following data No Data 1 Additional metric of the interface 2 RIP preference 3 M...

Page 190: ...umber acl number2 match order auto config the basic ACL view is displayed 4 Run rule rule id deny permit fragment type fragment type name source source ip address source wildcard any time range time name vpn instance vpn instance name a rule is configured for the basic ACL l Based on the named advanced ACL 1 Run rip metricin value acl name acl name value1 the metric added to an incoming route is s...

Page 191: ...me name a rule is configured for the basic ACL l Based on the IP prefix rip metricout value ip prefix ip prefix name value1 NOTE You can specify the value of the metricout to be added to the RIP route that passes the filtering policy by specifying value1 through an ACL or an IP prefix list If a RIP route does not pass the filtering its metric is increased by 1 End 3 3 3 Configuring RIP Preference ...

Page 192: ...ing based on the following criteria 1 Interface index If routes have the same priorities routes with higher interface index values are selected for load balancing 2 Next hop IP address If routes have the same priorities and interface index values routes with larger IP address are selected for load balancing End 3 3 5 Checking the Configurations After RIP route attributes are successfully set you c...

Page 193: ... import routes of the non RIP protocol into the RIP network All the following commands can set the cost of the imported route which are listed in descending order of priorities l Run the apply cost command to set the cost of a route l Run the import route RIP command to set the cost of the imported route l Run the default cost RIP command to set the cost of the default route Pre configuration Task...

Page 194: ... of routing loops before configuring permit ibgp End 3 5 Controlling the Advertising of RIP Routing Information To meet the requirements of complex networks accurately controlling the advertising of RIP routing information is essential 3 5 1 Before You Start RIP routing information can be advertised through default routes and Update packets Applicable Environment To meet the requirements of a netw...

Page 195: ...routes to its neighbors Context Perform the following steps on the RIP router Procedure Step 1 Run system view The system view is displayed Step 2 Run rip process id The RIP process is enabled and the RIP view is displayed Step 3 Run default route originate cost cost tag tag match default route policy route policy name advertise tag avoid learning RIP is configured to generate a default route only...

Page 196: ...nd takes precedence over the rip output command configured in the interface view By default an interface can both send and receive RIP Update packets l Disable an interface from sending RIP Update packets in the interface view with a low priority 1 Run system view The system view is displayed 2 Run interface interface type interface number The interface view is displayed 3 Run undo rip output The ...

Page 197: ...ed in an ACL rule is deny a route that matches the rule will not be received or advertised by the system If a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does n...

Page 198: ...h a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a white...

Page 199: ...play rip 100 database Advertisement State A Advertised I Not Advertised Withdraw 10 0 0 0 8 cost 0 ClassfulSumm 10 1 1 0 24 cost 0 A Imported 10 10 10 0 24 cost 0 A Rip interface 10 137 220 0 23 cost 1 A nexthop 10 10 10 2 3 6 Controlling the Receiving of RIP Routing Information To meet the requirements of complex networks accurately controlling the receiving of RIP routing information is essentia...

Page 200: ...d of preventing routing loops Context By default an interface is allowed to receive RIP Update packets Perform the following steps on the RIP router Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Step 3 Run undo rip input The interface is disabled from receiving RIP Update packets End 3 6 3 Disablin...

Page 201: ... be effective in RIP version 2 By default RIP version 2 always supports host route End 3 6 4 Configuring RIP to Filter the Received Routes By specifying ACLs and IP prefix lists you can configure the inbound policy to filter the routes to be received You can also configure a router to receive only RIP packets from a specified neighbor Context The router can filter routing information To filter the...

Page 202: ...be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route f...

Page 203: ... permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes l Based on the IP pref...

Page 204: ...ze yourself with the usage scenario complete the pre configuration tasks and obtain the data required for the configuration Applicable Environment RIP 2 is a type of classless routing protocol A RIP 2 packet carries subnet mask information Deploying a RIP 2 network saves IP addresses For a network on which the IP addresses of devices are not consecutive only RIP 2 can be deployed whereas RIP 1 can...

Page 205: ...id for RIP 1 To broadcast all subnet routes you can disable RIP 2 automatic route summarization Perform the following steps on the RIP router NOTE Route summarization is invalid when poison reverse is configured When the summarized routes are sent outside the natural network boundary poison reverse in related views needs to be disabled Procedure l Enable RIP 2 automatic route summarization 1 Run s...

Page 206: ...ets By default authentication is not configured for RIP Configuring authentication is recommended to ensure system security Context RIP 2 supports the following authentication modes l Simple authentication l MD5 authentication l HMAC SHA256 authentication l Keychain authentication In simple authentication mode the unencrypted authentication key is sent in every RIP 2 packet Therefore simple authen...

Page 207: ...red for RIP 2 packets l Run rip authentication mode keychain keychain name Keychain authentication is configured for RIP 2 packets NOTE The MD5 type must be specified if MD5 authentication is configured The usual type supports private standard authentication packets and the nonstandard type supports IETF standard authentication packets End Result The following section describes the changes in RIP ...

Page 208: ...xchange between Router A and Router B is still version 1 so as above configuration there will be no impact on packet flow l Step3 Configure version 2 broadcast on interface1 of Router A interface1 on Router A Version 2 broadcast Send Version 2 broadcast with authentication Receive Version 1 Version 2 broadcast and multicast with authentication interface2 on Router B Default version or version 1 co...

Page 209: ...icast with authentication Receive Version 2 broadcast and multicast with authentication interface2 on Router B Version 2 Send Version 2 multicast with authentication Receive Version 2 broadcast and multicast with authentication The packet exchange between Router A to Router B is version 2 multicast with authentication Authentication was already configured on both Router A and Router B and both are...

Page 210: ...ion 1 If we configure authentication on version 1 interface there will be no impact for sending version 1 and receiving packets l Step3 Configure authentication on Router B interface2 on Router B Default version or version 1 compatible Send Version 1 Receive Version 1 Version 2 broadcast and multicast with authentication interface1 on Router A Version 1 Send Version 1 Receive Version 1 interface3 ...

Page 211: ...oadcast and multicast with authentication interface1 on Router A version 2 brooadcast Send Version 2 broadcast with authentication Receive Version 1 Version 2 broadcast and multicast with authentication interface3 on Router C Default version or version 1 compatible Send Version 1 Receive Version 1 Version 2 broadcast and multicast with authentication At Router A if we configure rip version 2 broad...

Page 212: ...entication Receive Version 1 Version 2 broadcast and multicast with authentication interface1 on Router A version 2 Send Version 2 multicast with authentication Receive Version 2 broadcast and multicast with authentication interface3 on Router C version 2 brooadcast Send Version 2 broadcast with authentication Receive Version 1 Version 2 broadcast and multicast with authentication At Router A if w...

Page 213: ...ll devices In this scenario if we configure authentication on every device this may cause protocol packets drop if periodic update got triggered during authentication configuration in following cases 1 RIP authenticated packet is received on non authenticated interface 2 RIP non authenticated packet is received on authenticated interface In next periodic update all RIP packets can be authenticated...

Page 214: ...nterfaces and the interval at which packets are sent l Configure split horizon or poison reverse to prevent routing loops l After the replay protect function is enabled neighbors can communicate after a RIP process is restarted l Check the validity of packets and authenticate packets on a network demanding high security l Run RIP on a link that does not support broadcast or multicast packets Pre c...

Page 215: ... as follows update must be smaller than age and update must be smaller than garbage collect For example if the update time is longer than the aging time and a RIP route changes within the update time the router cannot inform its neighbors of the change on time l You must configure RIP timers based on the network performance and uniformly on all the routers running RIP This avoids unnecessary netwo...

Page 216: ...transmit interval interval number pkt count The interval for sending Update packets and the maximum number of packets sent each time are set on the interface End 3 8 4 Configuring Split Horizon and Poison Reverse You can configure split horizon and poison reverse to prevent routing loops Context If both split horizon and poison reverse are configured only poison reverse takes effect On Non Broadca...

Page 217: ...e end does not receive the RIP packet with the Identification field being 0 subsequent RIP packets will be discarded until the remote end receives the RIP packet with the Identification field being X 1 This leads to the unsynchronization and loss of RIP routing information of both ends To solve this problem you need to enable the replay protect function so that RIP can obtain the Identification fi...

Page 218: ...field in an IP packet see Feature Description IP Services l If you run the rip replay protect command in the same view multiple times only the last configuration takes effect End 3 8 6 Configuring RIP to Check the Validity of Update Packets The check on RIP Update packets includes the check on zero fields in RIPv1 packets and the check on source addresses of RIP Update packets The two types of che...

Page 219: ...he source address check is enabled End 3 8 7 Configuring RIP Neighbors Generally RIP sends packets by using broadcast or multicast addresses To run RIP on the links that do not support the forwarding of broadcast or multicast packets you need to specify RIP neighbors Context Generally RIP sends packets by using broadcast or multicast addresses If RIP needs to run on the links that do not support t...

Page 220: ...alid ttl hops valid ttl hops value vpn instance vpn instance name RIP GTSM functions are configured NOTE The valid TTL range of the detected packets is 255 valid ttl hops value 1 255 End 3 8 9 Checking the Configurations After the function of adjusting and optimizing the RIP network performance is successfully configured you can view the current running status routing information neighbor informat...

Page 221: ...ter slave switchover you can enable RIP graceful restart GR GR is a technology used to ensure normal traffic forwarding and non stop forwarding of key services during the restart of routing protocols After a RIP process is restarted through GR the Restarter and the Helper re establish the neighbor relationship and update the routing table and forwarding table This ensures non stop traffic forwardi...

Page 222: ...nly time RIP GR is enabled When most routers on a network do not support RIP GR setting wait time time to a larger value is recommended This ensures that the Restarter has enough time to learn correct routes End Follow up Procedure If the Restarter finishes GR within the GR period specified by period period the Restarter automatically exits from GR Otherwise the Restarter is forced to exit from GR...

Page 223: ...ed on a network a great deal of data will be lost during the aging time BFD provides millisecond level fault detection It can rapidly detect faults in protected links or nodes and report them to RIP This speeds up RIP processes s response to network topology changes and achieves rapid RIP route convergence In BFD for RIP BFD session establishment is triggered by RIP When establishing a neighbor re...

Page 224: ...iew is displayed 2 Run bfd BFD is enabled globally 3 Run quit Return to the system view 4 Run rip process id The RIP view is displayed 5 Run bfd all interfaces enable BFD is enabled in the RIP process to establish a BFD session If BFD is enabled globally RIP will use default BFD parameters to establish BFD sessions on all the interfaces where RIP neighbor relationships are in the Up state 6 Option...

Page 225: ...m establishing a BFD session l Enable BFD on RIP interfaces 1 Run system view The system view is displayed 2 Run bfd BFD is enabled globally 3 Run quit Return to the system view 4 Run interface interface type interface number The view of the specified interface is displayed 5 Run rip bfd enable BFD is enabled on the interface to establish a BFD session 6 Optional Run rip bfd min rx interval min re...

Page 226: ...unctions l One arm BFD If some devices on a network support BFD but some do not configure one arm BFD to implement fault detection l Two arm BFD If all the devices on a network support BFD configure two arm BFD to implement fault detection Static BFD must be enabled using a command and session parameters are also set using commands Pre configuration Tasks Before configuring static BFD for RIP comp...

Page 227: ...lue The local discriminator is set 3 Optional Run min echo rx interval interval The minimum interval at which BFD packets are received is configured 4 Run commit The configuration is committed 5 Run quit Return to the system view Step 3 Configure two arm BFD 1 Run bfd bfd name bind peer ip ip address interface interface type interface number BFD binding is created If a peer IP address and a local ...

Page 228: ...of the specified interface is displayed 2 Run rip bfd static Static BFD is enabled on the interface 3 Run quit Return to the system view End Checking the Configurations After configuring static BFD for RIP run the display rip process id command to check BFD for RIP configurations on the specified interface interface interface type interface number verbose Run the display rip process id interface i...

Page 229: ...uration procedures in this section you can bind RIP to a MIB Pre configuration Tasks Before configuring the network management function in RIP complete the following tasks l Configuring IP addresses for interfaces to ensure that neighboring nodes are reachable at the network layer l Configuring Basic RIP Functions Data Preparation None 3 12 2 Binding RIP to MIBs Before binding RIP to MIBs you need...

Page 230: ...nd clear RIP information 3 13 1 Resetting RIP Restarting RIP can reset RIP Context NOTICE The RIP neighbor relationship is deleted after you reset RIP connections with the reset rip command Exercise caution when running this command To reset RIP connections run the following reset commands in the user view Procedure l Run the reset rip process id configuration command in the user view to reset the...

Page 231: ...nterface numbers and link types may be different from those used in this document 3 14 1 Example for Configuring RIP Version Before using RIP you need to configure basic RIP functions and specify a RIP version You can run commands to view the configuration results Networking Requirements As shown in Figure 3 3 it is required that RIP be enabled on all interfaces of Router A Router B Router C and R...

Page 232: ...RIP on Router D l RIP 2 on Router A Router B Router C and Router D Procedure Step 1 Configure an IP address for each interface The configuration details are not described here Step 2 Configure basic RIP functions Configure Router A RouterA rip RouterA rip 1 network 192 168 1 0 RouterA rip 1 quit Configure Router B RouterB rip RouterB rip 1 network 192 168 1 0 RouterB rip 1 network 172 16 0 0 Route...

Page 233: ...outer D RouterD rip RouterD rip 1 version 2 RouterD rip 1 quit Step 4 Verify the configuration Check the RIP routing table of Router A RouterA display rip 1 route Route Flags R RIP A Aging G Garbage collect Peer 192 168 1 2 on Pos1 0 0 Destination Mask Nexthop Cost Tag Flags Sec 172 16 1 0 24 192 168 1 2 1 0 RA 32 10 1 1 0 24 192 168 1 2 1 0 RA 32 The preceding display shows that the routes advert...

Page 234: ... Pos2 0 0 link protocol ppp undo shutdown ip address 172 16 1 2 255 255 255 0 rip 1 version 2 network 172 16 0 0 return l Configuration file of Router D sysname RouterD interface Pos3 0 0 link protocol ppp undo shutdown ip address 10 1 1 2 255 255 255 0 rip 1 version 2 network 10 0 0 0 return 3 14 2 Example for Configuring RIP to Import External Routes To obtain more RIP routing information you ca...

Page 235: ...configuration roadmap is as follows 1 Enable RIP 100 and RIP 200 on each router and specify network segments 2 Configure the two RIP processes on Router B to import routes from each other and set the default cost of the routes imported from RIP 200 to 3 3 Configure an ACL on Router B to filter the routes imported from RIP 200 Data Preparation To complete the configuration you need the following da...

Page 236: ...Ethernet2 0 0 192 168 0 1 32 Direct 0 0 D 127 0 0 1 GigabitEthernet2 0 0 192 168 0 1 32 Direct 0 0 D 127 0 0 1 InLoopBack0 192 168 1 0 24 Direct 0 0 D 192 168 1 1 Pos1 0 0 192 168 1 1 32 Direct 0 0 D 127 0 0 1 Pos1 0 0 192 168 1 1 32 Direct 0 0 D 127 0 0 1 InLoopBack0 Step 3 Configure RIP to import external routes Set the default route cost of RIP 200 routes imported by RIP 100 to 3 on Router B an...

Page 237: ...guration Check the routing table of Router A after the filtering The route to 192 168 4 0 24 does not exist in the routing table This means that the route is filtered out RouterA display ip routing table Route Flags R relay D download to fib Routing Tables Public Destinations 9 Routes 9 Destination Mask Proto Pre Cost Flags NextHop Interface 127 0 0 0 8 Direct 0 0 D 127 0 0 1 InLoopBack0 127 0 0 1...

Page 238: ...p 200 rip 200 network 192 168 2 0 import route rip 100 return l Configuration file of Router C sysname RouterC interface GigabitEthernet2 0 0 undo shutdown ip address 192 168 3 1 255 255 255 0 interface GigabitEthernet3 0 0 undo shutdown ip address 192 168 4 1 255 255 255 0 interface Pos1 0 0 link protocol ppp undo shutdown ip address 192 168 2 2 255 255 255 0 rip 200 network 192 168 2 0 network 1...

Page 239: ...aults quickly and accelerates network convergence Use Figure 3 5 as an example l RIP is running between Router A Router B Router C and Router D l Service traffic travels through the primary link Router A Router B Router D l One Arm static BFD is enabled on the interface connecting Router A and Router B When the primary link fails BFD can detect the fault quickly and notify the RIP module of the fa...

Page 240: ...IP functions Configure Router A RouterA system view RouterA rip 1 RouterA rip 1 version 2 RouterA rip 1 network 2 0 0 0 RouterA rip 1 network 3 0 0 0 RouterA rip 1 quit Configure Router B RouterB system view RouterB rip 1 RouterB rip 1 version 2 RouterB rip 1 network 2 0 0 0 RouterB rip 1 network 4 0 0 0 RouterB rip 1 network 172 16 0 0 RouterB rip 1 quit Configure Router C RouterC system view Rou...

Page 241: ...opBack0 172 16 0 0 16 RIP 100 1 D 2 2 2 2 GigabitEthernet1 0 0 The routing table shows that the next hop IP address of the route destined for 172 16 0 0 16 is 2 2 2 2 the outbound interface is GigabitEthernet 1 0 0 and traffic is transmitted along the primary link Router A Router B Step 3 Configure One Arm static BFD on Router A Configure one arm BFD on Router A RouterA bfd RouterA bfd quit Router...

Page 242: ...GigabitEthernet2 0 0 4 0 0 0 8 RIP 100 1 D 3 3 3 2 GigabitEthernet2 0 0 127 0 0 0 8 Direct 0 0 D 127 0 0 1 InLoopBack0 127 0 0 1 32 Direct 0 0 D 127 0 0 1 InLoopBack0 172 16 0 0 16 RIP 100 2 D 3 3 3 2 GigabitEthernet2 0 0 The routing table shows that the secondary link Router A Router C Router B starts to be used after the primary link fails The next hop IP address of the route destined for 172 16...

Page 243: ...k 2 0 0 0 network 4 0 0 0 network 172 16 0 0 return l Configuration file of Router C sysname RouterC interface gigabitethernet1 0 0 undo shutdown ip address 4 4 4 2 255 255 255 0 interface gigabitethernet2 0 0 undo shutdown ip address 3 3 3 2 255 255 255 0 rip 1 version 2 network 3 0 0 0 network 4 0 0 0 return l Configuration file of Router D sysname RouterD interface gigabitethernet1 0 0 undo shu...

Page 244: ...nk Router A Router B functions as the active link and link Router A Router C Router B functions as the standby link Normally service traffic is transmitted along the active link It is required that faults in the active link be quickly detected and services be rapidly switched to the standby link BFD for RIP can be configured BFD is used to detect the RIP neighbor relationship between Router A and ...

Page 245: ...ure basic RIP functions Configure Router A RouterA system view RouterA rip 1 RouterA rip 1 version 2 RouterA rip 1 network 2 0 0 0 RouterA rip 1 network 3 0 0 0 RouterA rip 1 quit Configure Router B RouterB system view RouterB rip 1 RouterB rip 1 version 2 RouterB rip 1 network 2 0 0 0 RouterB rip 1 network 4 0 0 0 RouterB rip 1 network 172 16 0 0 RouterB rip 1 quit Configure Router C RouterC syst...

Page 246: ... output shows that the next hop address and outbound interface of the route to destination 172 16 0 0 16 are 2 2 2 2 and GE 1 0 0 respectively and traffic is transmitted over the active link Router A Router B Step 3 Configure BFD in RIP processes Configure BFD on all interfaces of Router A RouterA bfd RouterA bfd quit RouterA rip 1 RouterA rip 1 bfd all interfaces enable RouterA rip 1 bfd all inte...

Page 247: ...splay ip routing table Route Flags R relay D download to fib Routing Tables Public Destinations 6 Routes 6 Destination Mask Proto Pre Cost Flags NextHop Interface 3 3 3 0 24 Direct 0 0 D 3 3 3 1 GigabitEthernet2 0 0 3 3 3 1 32 Direct 0 0 D 127 0 0 1 GigabitEthernet2 0 0 4 0 0 0 8 RIP 100 1 D 3 3 3 2 GigabitEthernet2 0 0 127 0 0 0 8 Direct 0 0 D 127 0 0 1 InLoopBack0 127 0 0 1 32 Direct 0 0 D 127 0...

Page 248: ...1 255 255 255 0 rip 1 version 2 network 2 0 0 0 network 4 0 0 0 network 172 16 0 0 bfd all interfaces enable bfd all interfaces min tx interval 100 min rx interval 100 detect multiplier 10 return l Configuration file of Router C sysname RouterC interface gigabitethernet1 0 0 undo shutdown ip address 4 4 4 2 255 255 255 0 interface gigabitethernet2 0 0 undo shutdown ip address 3 3 3 2 255 255 255 0...

Page 249: ...2 255 255 255 0 rip 1 version 2 network 172 16 0 0 return HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 3 RIP Configuration Issue 02 2014 09 30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 224 ...

Page 250: ...ng to Import External Routes Similar to RIP RIPng can import external routes to enrich routing information 4 6 Controlling the Advertising of RIPng Routing Information To meet the requirements of complex networks it is required to accurately control the advertising of RIPng routing information 4 7 Controlling the Receiving of RIPng Routing Information To meet the requirements of complex networks i...

Page 251: ...rent RIPng features have different applications HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 4 RIPng Configuration Issue 02 2014 09 30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 226 ...

Page 252: ...re the distance to the destination The distance is called the routing metric In RIPng the hop count from the router to its directly connected network is 0 and the hop count from the router to a network which can be reached through another router is 1 The hop count that is equal to or exceeds 16 is defined as infinity indicating that the destination network or host is unreachable By default RIPng s...

Page 253: ...c RIPng Functions To implement RIPng features you need to configure basic RIPng functions including creating RIPng processes and enabling RIPng on interfaces 4 2 1 Before You Start To make a Router learn the routes to the network segment of an interface ensure that the link status of the interface is Up Applicable Environment The configuration of basic RIPng functions involves the configuration of...

Page 254: ...ess runs process id does not need to be specified That is process id defaults to 1 After the RIPng process is cancelled the ripng process id enable command needs to be reconfigured on an interface Step 3 Optional Run description Descriptions for RIPng processes are configured End 4 2 3 Enabling RIPng in the Interface View After an interface is associated with a RIPng process routing information on...

Page 255: ... configuration and routing information of RIPng Prerequisites Basic RIPng functions has been configurede Procedure l Run the display ripng process id vpn instance vpn instance name command to check the configuration of the RIPng process l Run the display ripng process id route command to check all the RIPng routes that are learned from other routers l Run the display default parameter ripng comman...

Page 256: ...2 tag 0 RA 6 Sec Dest 2001 DB8 4 2 64 via FE80 200 5EFF FE04 3302 cost 2 tag 0 RA 6 Sec Dest 2001 DB8 4 3 64 via FE80 200 5EFF FE04 3302 cost 2 tag 0 RA 6 Sec Run the display default parameter ripng command and you can view the default configuration of the specified RIPng process Router display default parameter ripng Protocol Level Default Configurations Preference 100 Checkzero Enabled Default c...

Page 257: ...res in this section you can l Change the matching order of routing protocols by configuring the RIPng preference when multiple routing protocols discover routes to the same destination l Affect route selection by changing the additional metric of a RIPng interface l Implement load balancing among multiple equal cost routes Pre configuration Tasks Before configuring RIPng route attributes complete ...

Page 258: ...riginal metric of a RIPng route l The ripng metricin command is used to configure a device to add an additional metric to a received route before the device adds the route to its routing table causing the metric of the route in the routing table to change Running this command affects route selection on the device and other devices l The ripng metricout command is used to configure a device to add ...

Page 259: ...ep 2 to Step 4 until metrics of all links are set End 4 3 4 Configuring the Maximum Number of Equal Cost Routes By setting the maximum number of equal cost RIPng routes you can change the number of routes for load balancing Context Perform the following steps on the RIPng router Procedure Step 1 Run system view The system view is displayed Step 2 Run ripng process id The RIPng view is displayed St...

Page 260: ...I display ripng 100 database 2001 DB8 8 8 128 NULL0 cost 0 Imported 2001 DB8 10 64 via FE80 2E0 E6FF FE1B 8242 Ethernet0 0 0 cost 1 2001 DB8 10 64 via FE80 2E0 E6FF FE1B 8242 Ethernet0 0 1 cost 1 2001 DB8 10 64 via FE80 2E0 E6FF FE1B 8142 Ethernet0 0 0 cost 1 2001 DB8 10 64 via FE80 2E0 E6FF FE1B 8142 Ethernet0 0 1 cost 1 2001 DB8 12 64 Ethernet0 0 0 cost 0 RIPng interface Display all the RIPng ro...

Page 261: ...Png route summarization is configured End 4 5 Configuring RIPng to Import External Routes Similar to RIP RIPng can import external routes to enrich routing information Context To access a device running a non RIPng protocol an RIPng capable device needs to import routes of the non RIPng protocol into the RIPng network All the following commands can set the cost of the imported route which are list...

Page 262: ...meet the requirements of complex networks it is required to accurately control the advertising of RIPng routing information 4 6 1 Before You Start RIPng routing information can be advertised through route summarization default routes and imported external routes Applicable Environment To meet the requirements of a complex network you need to control the advertising of RIPng routing information acc...

Page 263: ...ace number The interface view is displayed Step 3 Run ripng default route only originate cost cost RIPng is configured to advertise a default route You can configure RIPng to advertise default routes as required l only advertises only IPv6 default routes 0 and suppresses the advertising of other routes l originate advertises IPv6 default routes 0 and does not affect the advertising of other routes...

Page 264: ... is allowed to send RIPng packets End 4 6 4 Configuring RIPng to Filter the Routes to be Sent You can configure RIPng to filter the routes to be sent Procedure Step 1 Run system view The system view is displayed Step 2 Run ripng process id The RIPng view is displayed Step 3 Optional Run l filter policy acl6 number acl6 name acl6 name export protocol process id RIPng is configured to filter the rou...

Page 265: ...the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule...

Page 266: ...larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure another rule with a larger number in the same ACL and specify the action deny in this rule ...

Page 267: ...t 2001 DB8 1 32 via FE80 200 5EFF FE04 3302 cost 2 tag 0 RA 6 Sec Dest 2001 DB8 4 1 64 via FE80 200 5EFF FE04 3302 cost 2 tag 0 RA 6 Sec Dest 2001 DB8 4 2 64 via FE80 200 5EFF FE04 3302 cost 2 tag 0 RA 6 Sec Dest 2001 DB8 4 3 64 via FE80 200 5EFF FE04 3302 cost 2 tag 0 RA 6 Sec 4 7 Controlling the Receiving of RIPng Routing Information To meet the requirements of complex networks it is required to...

Page 268: ...g Packets on an Interface Disabling interfaces from receiving RIPng packets is a method of preventing routing loops Context When a device running RIPng is connected to a network running other routing protocols you can run the undo ripng input command on the interface that connects the device to the network to prevent the interface from receiving useless packets from the network Procedure Step 1 Ru...

Page 269: ...e name A rule is configured for the basic ACL When the rule command is run to configure rules for a named ACL only the source address range specified by source and the time period specified by time range are valid as the rules When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or adv...

Page 270: ...rotocol source source ipv6 address prefix length source ipv6 address prefix length any time range time name A rule is configured for the advanced ACL When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or advertised by the system If the action specified in an ACL rule is deny a route ...

Page 271: ...olling the receiving of RIPng routing information is successfully configured you can view RIPng routing information Prerequisites Controlling the receiving of RIPng routing information has been configured Procedure l Run the display ripng process id database command to check all activated routes in the RIPng database l Run the display ripng process id route command to check all the RIPng routes th...

Page 272: ...configuration tasks and obtain the data required for the configuration Applicable Environment On certain networks you need to configure RIPng features and optimize the performance of a RIPng network After performing configuration procedures in this section you can l Change the convergence speed of the RIPng network by adjusting RIPng timers l Configure split horizon and poison reverse to prevent r...

Page 273: ...following steps on the RIPng router Procedure Step 1 Run system view The system view is displayed Step 2 Run ripng process id The RIPng view is displayed Step 3 Run timers ripng update age garbage collect RIPng timers are configured End 4 8 3 Setting the Interval for Sending Update Packets and the Maximum Number of Packets Sent Each Time By setting the interval for sending packets and the maximum ...

Page 274: ...he router to advertise a route as unreachable back through the interface from which the route is learned If both split horizon and poison reverse are configured only poison reverse takes effect Perform the following steps on the RIPng router Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type vlan id The interface view is displayed Step 3 Run the follo...

Page 275: ...me command to check the configuration of the RIPng process l Run the display ripng process id database verbose command to check all activated routes in the RIPng database l Run the display ripng process id interface interface type interface number verbose command to check information about the RIPng interface l Run the display ripng process id neighbor verbose command to check information about RI...

Page 276: ...her method is to configure IPSec authentication on RIPng interfaces This method is recommended if IPSec authentication needs to be applied only to some interfaces in a RIPng process Pre configuration Tasks Before configuring IPSec authentication for RIPng complete the following tasks l Configuring basic IPSec functions l Configuring basic RIPng functions Data Preparation To configure IPSec authent...

Page 277: ...ce interface type interface number The interface view is displayed Step 3 Run ripng ipsec sa sa name IPSec authentication is enabled on the interface and the name of an SA is specified NOTE The ripng ipsec sa command takes precedence over the ipsec sa command If both commands are run in respective views and different SA names are specified only the configuration of the ripng ipsec sa command takes...

Page 278: ...ipng statistics interface command and you can view the number of RIPng packets that failed authentication Router display ripng 1 statistics interface gigabitethernet 1 0 0 GigabitEthernet1 0 0 FE80 2E0 64FF FE10 8142 Statistical information Last min Last 5 min Total Periodic updates sent 5 23 259 Triggered updates sent 5 30 408 Response packet sent 10 34 434 Response packet received 15 38 467 Resp...

Page 279: ...terA POS1 0 0 POS1 0 0 GE2 0 0 2001 db8 1 1 64 RouterB RouterC POS2 0 0 POS1 0 0 GE2 0 0 2001 db8 2 1 64 GE3 0 0 2001 db8 3 1 64 Configuration Roadmap The configuration roadmap is as follows 1 Configure basic RIPng functions on each router to ensure that the routers communicate with each other 2 Configure an ACL on Router B to filter the imported routes Data Preparation To complete the configurati...

Page 280: ... Route Flags A Aging G Garbage collect Peer FE80 F54C 0 9FDB 1 on Pos2 0 0 Dest 2001 DB8 2 64 via FE80 F54C 0 9FDB 1 cost 1 tag 0 A 3 Sec Dest 2001 DB8 3 64 via FE80 F54C 0 9FDB 1 cost 1 tag 0 A 3 Sec Peer FE80 D472 0 3C23 1 on Pos1 0 0 Dest 2001 DB8 1 64 via FE80 D472 0 3C23 1 cost 1 tag 0 A 4 Sec Check the RIPng routing table of Router A RouterA display ripng 1 route Route Flags A Aging G Garbag...

Page 281: ...2 tag 0 A 7 Sec End Configuration Files l Configuration file of Router A sysname RouterA ipv6 interface GigabitEthernet2 0 0 undo shutdown ipv6 enable ipv6 address 2001 DB8 1 1 64 ripng 1 enable interface Pos1 0 0 link protocol ppp undo shutdown ipv6 enable ipv6 address auto link local ripng 1 enable ripng 1 return l Configuration file of Router B sysname RouterB ipv6 acl ipv6 number 2000 rule 0 d...

Page 282: ...B8 2 1 64 ripng 1 enable interface GigabitEthernet3 0 0 undo shutdown ipv6 enable ipv6 address 2001 DB8 3 1 64 ripng 1 enable interface Pos1 0 0 link protocol ppp undo shutdown ipv6 enable ipv6 address auto link local ripng 1 enable ripng 1 return HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 4 RIPng Configuration Issue 02 2014 09 30 Huawei Proprietary and Confidential Copyright Hu...

Page 283: ...ising and receiving of OSPF routing information and import routes of other protocols 5 6 Configuring an OSPF Dynamic Hostname Compared with router IDs Open Shortest Path First OSPF dynamic hostnames are easier to memorize Therefore using dynamic hostnames to identify routers can facilitate network management 5 7 Configuring an OSPF Stub Area Configuring a non backbone area as a stub area can reduc...

Page 284: ...te flapping caused by the active standby switchover 5 13 Improving Security of an OSPF Network On a network demanding high security you can adopt the GTSM mechanism and configure OSPF authentication to improve the security of the OSPF network 5 14 Configuring the Network Management Function of OSPF OSPF supports the network management function You can bind the OSPF MIB to a certain OSPF process an...

Page 285: ...s with the shortest path tree algorithm This algorithm ensures the generation of loop free routes l Area division An AS can be divided into different areas to facilitate AS management After the area partition an LSDB stores routing information only of the local area The reduce of LSDB size dramatically reduces memory and CPU usage In addition less bandwidth is consumed because of the decrease in r...

Page 286: ...s the routes to each node in the AS Area Division The number of routers increases with the unceasing expansion of the network scale This leads to a large LSDB on each router As a result the load of each router is very heavy OSPF solves this problem by dividing an AS into different areas An area is regarded as a device group logically Each group is identified by an area ID On the border of an area ...

Page 287: ...SPF DR and the DR forwards the LSU packets to destination 224 0 0 5 Database Description DD packets Link State Request LSR packets and all retransmission packets are sent in unicast mode Link State Acknowledgement LSAck packets are usually sent in multicast mode 224 0 0 5 When a router receives repeated LSAs or the LSAs are deleted due to the timeout of the maximum lifetime LSAck packets are sent ...

Page 288: ...o adopted in the backbone network On the PEs the two OSPF processes are independent of each other Authentication OSPF supports packet authentication Only the OSPF packets that pass the authentication can be received If the packets fail to pass the authentication the neighbor relationship cannot be established The NE80E 40E supports two authentication modes l Area authentication mode l Interface au...

Page 289: ...i access network changes the interface enabled with the Smart discover function sends Hello packets to the network segment and takes part in the DR or BDR election Figure 5 3 Changes of the neighbor state machine Down Full Loading Exchange Exstart 2 way Init Attempt NBMA l On P2P and P2MP networks the adjacency relationship can be established rapidly The principle is the same as that in broadcast ...

Page 290: ...F the GR Restarter does not age the forwarding information At the same time the GR Helper keeps the topology information or routes obtained from the GR Restarter for a period This ensures that traffic forwarding is not interrupted when protocol restart occurs OSPF and DS TE OSPF TE supports the establishing and maintaining of the Label Switch Path LSP of the TE When constructing constraint based r...

Page 291: ...n one VPN consider each other as if they were connected directly Therefore PEs exchange OSPF routing information as if they were directly connected through a leased line This improves network management and enhances the validity of the OSPF application NOTE For detailed configuration of this feature refer to the HUAWEI NetEngine80E 40E Router Configuration Guide VPN OSPF Sham Links OSPF sham links...

Page 292: ... fault BFD generates a Down event and notifies the upper protocol of the fault through RM OSPF then responds to the event and immediately deletes the adjacency relationship on the link At this time the status of the neighbor is not Full This does not meet the requirements of establishing a BFD session OSPF then uses RM to notify the BFD module of deleting the BFD session OSPF supports dynamically ...

Page 293: ...causing routing information congestion and self loops The OSPF relevant commands that are configured in the interface view take effect regardless of whether OSPF is enabled After OSPF is disabled the OSPF relevant commands also exist on interfaces Pre configuration Tasks Before configuring basic OSPF functions complete the following tasks l Configuring a link layer protocol l Configuring IP addres...

Page 294: ...ocess is started and the OSPF view is displayed The NE80E 40E supports OSPF multi process If you wan to configure OSPF in the VPN instance view run the ospf process id router id router id vpn instance vpn instance name command The parameter process id specifies the ID of an OSPF process The default value is 1 The NE80E 40E supports OSPF multi process You can create different processes for services...

Page 295: ...n be classified into a backbone area with the area ID of 0 and non backbone areas The backbone area is responsible for forwarding inter area routing information The routing information between the non backbone areas must be forwarded through the backbone area The description of an OSPF area helps identify special processes by the description command 4 Run network ip address wildcard mask descripti...

Page 296: ...ted through a backbone area Therefore OSPF requires that all non backbone areas maintain the connectivity with the backbone area and the backbone areas in different OSPF areas maintain the connectivity with each other In real world situations this requirement may not be met because of some restrictions To resolve this problem you can configure OSPF virtual links Procedure Step 1 Run system view Th...

Page 297: ...r configuration The router complies with the route selection rule defined in RFC 1583 by default If the neighboring router complies with the route selection rule defined in RFC 2328 configure the local router to comply with that defined in RFC 2328 This allows all routers in the OSPF area to comply with the same route selection rule Procedure Step 1 Run system view The system view is displayed Ste...

Page 298: ...e neighboring router may be busy processing LSA update packets and has to discard the Hello packets that are used to maintain neighbor relationships This causes neighbor relationships to be interrupted To resolve this problem you can restrict the flooding of LSA update packets to maintain neighbor relationships Context When multiple neighboring routers are configured or a large number of LSA updat...

Page 299: ...eds 256 End 5 2 7 Optional Configuring the Maximum Number of Packet Retransmission Attempts When no response to DD packets LSU packets or LSR packets is received the retransmission mechanism is used and the maximum number of packet retransmission attempts is set Context If no response is received when the maximum number of packet retransmission attempts is reached the neighbor relationship will be...

Page 300: ...at which an LSA packet is retransmitted to the neighboring router is set Setting the interval to a proper value is recommended A rather small interval will cause unnecessary retransmission The interval is generally longer than a round trip of one packet transmitted between two routers The default retransmission interval is 5s and is widely used End 5 2 9 Optional Configuring an Interface to Fill i...

Page 301: ... each area and routing table Prerequisites Basic OSPF functions have been configured Procedure l Run the display ospf process id peer command to check OSPF neighbor information l Run the display ospf process id routing command to check OSPF routing table information l Run the display ospf process id lsdb command to check OSPF LSDB information End Example Run the display ospf peer command If the OS...

Page 302: ...ion describes how to configure OSPF and modify attributes on the NBMA or point to multipoint P2MP network to flexibly construct the OSPF network 5 3 1 Before You Start To implement OSPF functions configure OSPF on the NBMA or P2MP network Applicable Environment As shown in Table 5 1 OSPF classifies networks into four types based on the types of link layer protocols NOTE Differentiated OSPF configu...

Page 303: ... network must be the same OSPF does not regard a network as a P2MP network by default regardless of any link layer protocol A P2MP network is forcibly changed from the network of another type As shown in Table 5 1 OSPF sends packets in different manners on networks of different types Therefore the difference between OSPF configurations on the networks lies in the packet sending configurations Pre ...

Page 304: ...annot be established Only when the network type of one OSPF interface is broadcast and the network type of the other OSPF interface is P2P the two interfaces can still set up the neighbor relationship but cannot learn the OSPF routing information each other Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displ...

Page 305: ... two ends during which an OSPF neighbor relationship is to be established Specifically OSPF performs an AND operation on the local subnet mask and the local IP address and on the local subnet mask and the remote IP address An OSPF neighbor relationship can be established only when the results on the two ends are the same NOTE OSPF cannot be configured on a null interface End 5 3 3 Configuring NBMA...

Page 306: ...y A neighboring router is configured End 5 3 4 Configuring P2MP Network Attributes To implement OSPF functions configure P2MP network attributes Procedure Step 1 Disable OSPF from checking the network mask The OSPF neighbor relationship cannot be established between the routers with different mask lengths on the P2MP network After OSPF is disabled from checking the network mask the OSPF neighbor r...

Page 307: ... name basic number acl number2 match order auto config The basic ACL view is displayed d Run rule rule id deny permit fragment type fragment type name source source ip address source wildcard any time range time name vpn instance vpn instance name The rule for the basic ACL is configured When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule i...

Page 308: ...ber2 match order auto config The basic ACL view is displayed d Run rule rule id deny permit protocol source source ip address source wildcard any time range time name The rule for the advanced ACL is configured When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or advertised by the s...

Page 309: ...sa opaque link opaque area opaque as link state id originate router advertising router id self originate age min value min age value max value max age value l Run the display ospf process id peer interface type interface number neighbor id brief last nbr down command to view neighbor information l Run the display ospf process id nexthop command to check next hop information l Run the either of the...

Page 310: ...nfigure equal cost routes to implement load balancing l Configure a stub router during the maintenance operations such as upgrade to ensure stable data transmission through key routes l Suppress interfaces from sending or receiving packets to help select the optimal route l Configuring an OSPF interface to automatically adjust the link cost based on link quality facilitates route selection control...

Page 311: ...rface cost is configured the system automatically calculates the interface cost based on the interface bandwidth The calculation formula is as follows Cost of the interface Bandwidth reference value Interface bandwidth The integer of the calculated result is the cost of the interface If the calculated result is smaller than 1 the cost value is 1 By default the bandwidth reference value is 100 in M...

Page 312: ...Step 1 Run system view The system view is displayed Step 2 Run ospf process id The OSPF process view is displayed Step 3 Run maximum load balancing number The maximum number of equal cost routes is set When the number of equal cost routes is greater than number specified in the maximum load balancing command valid routes are selected for load balancing based on the following criteria 1 Route prefe...

Page 313: ...55 which indicates that load balancing is implemented regardless of the route preferences End 5 4 4 Configuring a Stub Router To ensure that a route is not interrupted during flapping triggering maintenance operations such as upgrade you can configure a router as a stub router to allow traffic to bypass the route on the stub router Context After a stub router is configured the route on the stub ro...

Page 314: ...n optimal route is provided For example there are three routes between router A and router B as shown in Figure 5 5 To configure the route with the outbound interface of 1 0 1 to be the optimal route suppress 1 0 0 and 1 0 2 from receiving and sending OSPF packets Figure 5 5 Networking diagram of suppressing an interface from receiving and sending OSPF packets IP Network IP Network IP Network Rout...

Page 315: ...r of bits transferred during a studied time interval During data transmission a high BER will degrade or even interrupt services in extreme cases To prevent this problem configure OSPF interfaces to automatically adjust link costs based on link quality so that unreliable links are not used by the optimal routes Procedure Step 1 Run system view The system view is displayed Step 2 Run interface inte...

Page 316: ...cedure l Run the display ospf process id routing ip address mask mask length interface interface type interface number nexthop nexthop address command to check the OSPF routing table information l Run the display ospf process id interface all interface type interface number verbose command to check OSPF interface information End Example Run the display ospf process id routing ip address command to...

Page 317: ...of the imported routing protocol OSPF process ID and default parameters 5 5 2 Configuring OSPF to Import External Routes Importing the routes discovered by other routing protocols can enrich OSPF routing information Context To access a router running a non OSPF protocol an OSPF capable router needs to import routes of the non OSPF protocol into the OSPF network OSPF provides loop free intra area r...

Page 318: ...type of the imported external routes is Type 2 the default tag value of the imported routes is 1 NOTE You can run one of the following commands to set the cost of the imported route The following commands are listed in descending order of priorities l Run the apply cost command to set the cost of a route l Run the import route command to set the cost of the imported route l Run the default command...

Page 319: ...and specify the action deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the sys...

Page 320: ...ify the action deny in this rule to filter out unwanted routes l Based on the IP prefix Run filter policy ip prefix ip prefix name export protocol process id Routes imported using Step 3 can be advertised only when meeting filtering conditions l Based on the Route Policy Run filter policy route policy route policy name export protocol process id Routes imported using Step 3 can be advertised only ...

Page 321: ...orted as shown in Table 5 2 Table 5 2 Default route advertising mode Area Type Generated By Advertise d By LSA Type Floodi ng Area Commo n area The default route advertise command ASBR Type 5 LSA Comm on area Stub area Automatically ABR Type 3 LSA Stub area NSSA The nssa default route advertise command ASBR Type 7 LSA NSSA Automatically ABR Type 3 LSA NSSA Totally NSSA Automatically ABR Type 3 LSA...

Page 322: ...es This minimizes system resource consumption and maintains the system performance In addition if a specific link frequently alternates between Up and Down the links not involved in the route summarization will not be affected This prevents route flapping and improves the network stability Procedure l Configure ABR route summarization 1 Run system view The system view is displayed 2 Run ospf proce...

Page 323: ...erate null0 route which is used to prevent routing loops NOTE After route summarization is configured the routing table on the local OSPF router remains the same The routing table on another OSPF router however contains only one summarized route no specific route This summarized route is not removed until all specific routes are interrupted End 5 5 5 Configuring OSPF to Filter Routes Received by O...

Page 324: ... received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes ...

Page 325: ...re another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure another rule with a larger number in the same ACL and specify the ac...

Page 326: ...ip address source wildcard any time range time name vpn instance vpn instance name The rule for the basic ACL is configured When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or advertised by the system If the action specified in an ACL rule is deny a route that matches the rule will...

Page 327: ...ule for the advanced ACL is configured When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or advertised by the system If the action specified in an ACL rule is deny a route that matches the rule will not be received or advertised by the system If a route has not matched any ACL rules...

Page 328: ...As that meet the filtering conditions can be received or advertised This function is applicable only to the ABR Procedure Step 1 Run system view The system view is displayed Step 2 Run ospf process id The OSPF process view is displayed Step 3 Run area area id The OSPF area view is displayed Step 4 Filter incoming or outgoing Type 3 LSAs in the area l Filter outgoing Type 3 LSAs in the area run any...

Page 329: ...a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be rece...

Page 330: ...d specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes Based on the IP prefix Run filter ip prefix ip prefix name export The filter outgoing Type 3 LSAs in the area are filtered Based on the Route Policy Run filter...

Page 331: ...routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes Based on the advanced ACL 1 Run filter acl name acl name import The filter in...

Page 332: ... number in the same ACL and specify the action deny in this rule to filter out unwanted routes Based on the IP prefix Run filter ip prefix ip prefix name import The filter incoming Type 3 LSAs in the area are filtered Based on the Route Policy Run filter route policy route policy name import The filter incoming Type 3 LSAs in the area are filtered End 5 5 8 Optional Enabling the Mesh Group Functio...

Page 333: ...e maximum number of external LSAs in the LSDB is set End 5 5 10 Checking the Configurations After controlling OSPF routing information you can check information about the OSPF routing table interface and ASBR summarization Prerequisites Controlling OSPF routing information has been configured Procedure l Run either of the following commands to check routing table information display ospf process i...

Page 334: ...tal summary address count 1 Summary Address net 10 0 0 0 mask 255 0 0 0 tag 10 status Advertise Cost 0 Not Configured Delay 30 Configured The Count of Route is 2 Destination Net Mask Proto Process Type Metric 10 1 0 0 255 255 0 0 Static 1 2 10 10 2 0 0 255 255 0 0 Static 1 2 10 5 6 Configuring an OSPF Dynamic Hostname Compared with router IDs Open Shortest Path First OSPF dynamic hostnames are eas...

Page 335: ...o check OSPF hostname information l display ospf hostname table l display ospf process id peer interface type interface number interface name hostname hostname l display ospf process id lsdb router network summary asbr ase nssa opaque link opaque area opaque as link state id hostname hostname age min value min age value max value max age value l display ospf process id lsdb brief router network su...

Page 336: ...ample a non backbone area with only one ABR can be configured as a stub area In a stub area the number of entries in the routing table and the amount of routing information to be transmitted greatly decrease Note the following points when configuring a stub area l The backbone area Area 0 cannot be configured as a stub area l If an area needs to be configured as a stub area all the routers in this...

Page 337: ...r configured again only after the routing update is complete Step 5 Optional Run stub no summary The ABR is prevented from sending Type 3 LSAs to the stub area Step 6 Optional Run default cost cost The cost of the default route to the stub area is set To ensure the reachability of AS external routes the ABR in the stub area generates a default route and advertises the route to the non ABR routers ...

Page 338: ...SPF area Neither the NSSA nor the stub area transmits routes learned from other areas in the AS it resides The stub area does not allow AS external routes to be imported whereas the NSSA allows AS external routes to be imported and forwarded in the entire AS Type 7 LSAs are used to carry imported AS external routing information in the NSSA Type 7 LSAs are generated by the ASBRs of NSSAs and floode...

Page 339: ...he following scenarios l The parameter default route advertise is used to advertise Type 7 LSAs carrying the default route on the ABR or ASBR to the NSSA Type 7 LSAs carrying the default route will be generated regardless of whether the default route 0 0 0 0 exists in the routing table on the ABR On the ASBR however the default Type 7 LSA is generated only when the default route 0 0 0 0 exists in ...

Page 340: ...ted services when translator roles change The interval value value must be greater than the flooding period Step 5 Optional Run default cost cost The cost of the default route to the NSSA is set To ensure the reachability of AS external routes the ABR in the NSSA generates a default route and advertises the route to the other routers in the NSSA Type 7 LSAs can be used to carry default route infor...

Page 341: ...ype the route management RM module creates a separate MIGP routing table for the multicast protocol calculates the physical outbound interface for the route and adds the physical interface to the MIGP routing table for multicast forwarding Configuring filtering conditions for local MT controls the number of routing entries in an MIGP routing table and speeds up the MIGP routing table lookup Pre co...

Page 342: ... type name source source ip address source wildcard any time range time name vpn instance vpn instance name The rule for the basic ACL is configured l Based on the advanced ACL 1 Run local mt filter policy acl acl name Configure a filtering policy for Local MT 2 Run quit Return to the system view 3 Run Run acl name acl name advance number acl number2 match order auto config The basic ACL view is d...

Page 343: ... ospf process id routing command to check OSPF routing table information l Run the display ospf process id brief command to check brief OSPF information Run the following command to view information about the physical interface in the MIGP routing table HUAWEI display ospf migp routing OSPF Process 1 with Router ID 3 3 3 3 MIGP Routing Tables Routing for Network Destination Cost Type NextHop AdvRo...

Page 344: ...work layer l Configuring Basic OSPF Functions Data Preparation To configure BFD for OSPF you need the following data No Data 1 Number of the OSPF process to be enabled with BFD for OSPF 2 Type and number of the interface to be enabled with BFD for OSPF 3 Optional Values of BFD session parameters NOTE The default parameter values are recommended 5 10 2 Configuring BFD for OSPF in a Specified Proces...

Page 345: ...val receive interval min tx interval transmit interval detect multiplier multiplier value frr binding BFD session parameters are modified You can skip this step The default interval at which BFD packets are transmitted and the default detection multiplier are recommended The parameters are configured based on the network status and network reliability requirements A short interval at which BFD pac...

Page 346: ...e formula max 100 ms 300 ms the detection period is 1500 ms calculated by multiplying 300 ms by 5 l On the peer router the actual interval at which BFD packets are transmitted is 300 ms calculated by using the formula max 100 ms 300 ms the actual interval at which BFD packets are received is 600 ms calculated by using the formula max 200 ms 600 ms and the detection period is 2400 ms calculated by ...

Page 347: ...rocess NOTE The priority of BFD for OSPF configured on an interface is higher than that of BFD for OSPF configured for a process Step 6 Optional Run ospf bfd min rx interval receive interval min tx interval transmit interval detect multiplier multiplier value frr binding BFD session parameters are modified You can skip this step The default interval at which BFD packets are transmitted and the def...

Page 348: ... ms 600 ms the interval at which BFD packets are received is 300 ms calculated by using the formula max 100 ms 300 ms the detection period is 1500 ms calculated by multiplying 300 ms by 5 l On the peer router the actual interval at which BFD packets are transmitted is 300 ms calculated by using the formula max 100 ms 300 ms the actual interval at which BFD packets are received is 600 ms calculated...

Page 349: ...lliseconds level and notifying and installing a new route at the hundreds of milliseconds level As a result it takes much more than 50 ms to recovery the link from the fault which cannot meet the requirement for real time services on the network With OSPF IP FRR that calculates a backup link in advance devices can fast switch traffic to the backup link without interrupting traffic when the primary...

Page 350: ... link after IP FRR is enabled using the ip frr command in the system view or VPN instance view configure a nexthop and an outbound interface for the static backup link l For a dynamic backup link after OSPF IP FRR is enabled using the loop free alternate command enable the device to use the LFA algorithm to calculate the nexthop and outbound interface for the dynamic backup link By default static ...

Page 351: ...lure Bind BFD to the link status so that link faults can be detected rapidly This ensures that traffic is rapidly switched to the backup link in the case of link failures Binding OSPF IP FRR and BFD can configure in a specified process or on a specified interface The priority of BFD configured on an interface is higher than that of BFD configured in an OSPF process If BFD is enabled on an interfac...

Page 352: ...e disabled on an interface of a specific device that is running important services and resides on an FRR backup link This setting prevents the device connected to this interface from being a part of a backup link and being burdened after FRR switches traffic to the backup link Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The vie...

Page 353: ...face is outbound interface of the backup next hop Backup Type is type of the backup next hop 5 12 Configuring OSPF GR This section describes how to configure OSPF GR to avoid traffic interruption and route flapping caused by the active standby switchover 5 12 1 Before You Start Before configuring OSPF GR familiarize yourself with the usage scenario complete the pre configuration tasks and obtain t...

Page 354: ...default parameter values are recommended 5 12 2 Enabling OSPF GR Enabling OSPF GR to ensure the fast convergence of OSPF and the stability the network topology Procedure Step 1 Run system view The system view is displayed Step 2 Run ospf process id The OSPF view is displayed Step 3 Run opaque capability enable The opaque LSA function is enabled Opaque LSAs provide a generic mechanism for OSPF exte...

Page 355: ...played Step 2 Run ospf process id The OSPF view is displayed Step 3 Run graceful restart period period planned only partial The GR session parameters are set l Set period the GR period on the Restarter is set By default the restart time is 120 seconds l Set planned only the Restarter supports only the planned GR By default the Restarter supports both the planned GR and unplanned GR l Set partial t...

Page 356: ...source source ip address source wildcard any time range time name vpn instance vpn instance name The rule for the basic ACL is configured l Based on the advanced ACL 1 Run graceful restart period period partial planned only helper role acl name acl name ignore external lsa planned only never The GR session parameters are set 2 Run quit Return to the system view 3 Run Run acl name acl name advance ...

Page 357: ...graceful restart verbose command to check the restart status of OSPF GR End Example Run the display ospf graceful restart command If the OSPF GR configuration is displayed it means that the configuration succeeds For example HUAWEI display ospf graceful restart OSPF Process 1 with Router ID 1 1 1 1 Graceful restart capability enabled Graceful restart support planned and un planned totally Helper p...

Page 358: ...OSPF processing without checking the validity of the packets The router busies itself with processing these valid packets As a result the system is busy and the CPU is highly occupied The GTSM mechanism protects a router by checking whether the TTL value in the IP packet header is in a pre defined range to enhance the system security NOTE l NE80E 40E supports IPv4 OSPF GTSM l GTSM supports only un...

Page 359: ... dropped This is convenient for fault location Procedure Step 1 Run system view The system view is displayed Step 2 Run ospf valid ttl hops hops vpn instance vpn instance name OSPF GTSM functions are configured NOTE The ospf valid ttl hops command has two functions l Enabling OSPF GTSM l Configuring the TTL value to be detected The parameter vpn instance is valid only for the latter function There...

Page 360: ...ation the neighbor relationship cannot be established Context In area authentication all the routers in an area must use the same area authentication mode and password For example the authentication mode of all devices in Area 0 is simple authentication and the password is abc The interface authentication mode is used among neighbor routers to set the authentication mode and password Its priority ...

Page 361: ...tication you must run the keychain command to create a keychain Then run the key id key string and algorithm commands to configure a key ID a password and an authentication algorithm for this keychain Otherwise the OSPF authentication will fail l Configuring the Interface Authentication Mode 1 Run system view The system view is displayed 2 Run interface interface type interface number The interfac...

Page 362: ...e display gtsm statistics slot id all command to check the GTSM statistics l Run the display ospf process id request queue interface type interface number neighbor id command to check the OSPF request queue l Run the display ospf process id retrans queue interface type interface number neighbor id command to check the OSPF retransmission queue l Run the display ospf process id error lsa command to...

Page 363: ...asks Before configuring the network management function of OSPF complete the following tasks l Configuring IP addresses for interfaces to make neighboring nodes reachable l Configuring Basic OSPF Functions Data Preparation To configure the network management function of OSPF you need the following data No Data 1 OSPF process ID 5 14 2 Configuring OSPF MIB Binding The MIB is a virtual database of t...

Page 364: ...ospfvirtifauthfailure ospfvirtifconfigerror ospfvirtifrxbadpacket ospfvirtifstatechange ospfvirtiftxretransmit ospfvirtnbrrestarthelperstatuschange ospfvirtnbrstatechange The trap function for the OSPF module is enabled To enable all non excessive traps of OSPF module you can run the non excessiveall command to enable the traps of one or more events you can specify type name End 5 14 4 Configuring...

Page 365: ...g OSPF and clearing OSPF statistics 5 15 1 Resetting OSPF Restarting OSPF can reset OSPF In addition you can reset OSPF through GR Context NOTICE The OSPF neighbor relationship is deleted after you reset OSPF connections with the reset ospf command Exercise caution when running this command To reset OSPF connections run the following reset ospf commands in the user view Procedure l Run the reset o...

Page 366: ...command in the user view to clear the routes imported by OSPF l Run the reset gtsm statistics slot id all command in the user view to clear the GTSM statistics on the board End 5 16 Configuration Examples This section provides several configuration examples of OSPF together with the Networking diagram The configuration examples explain networking requirements configuration notes and configuration ...

Page 367: ... is as follows 1 Enable OSPF on each router 2 Specify network segments in different areas Data Preparation To complete the configuration you need the following data l Router ID 1 1 1 1 of Router A OSPF process ID 1 network segment 192 168 0 0 24 of Area 0 network segment 192 168 1 0 24 of Area 1 l Router ID 2 2 2 2 of Router B OSPF process ID 1 network segment 192 168 0 0 24 of Area 0 network segm...

Page 368: ...a 0 0 0 2 quit Configure Router C RouterC router id 3 3 3 3 RouterC ospf RouterC ospf 1 area 1 RouterC ospf 1 area 0 0 0 1 network 192 168 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 1 network 172 16 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 1 quit Configure Router D RouterD router id 4 4 4 4 RouterD ospf RouterD ospf 1 area 2 RouterD ospf 1 area 0 0 0 2 network 192 168 2 0 0 0 0 255 RouterD ospf 1 area...

Page 369: ... 0 1 192 168 2 0 24 2 Inter area 192 168 0 2 2 2 2 2 0 0 0 0 Total Nets 5 Intra Area 3 Inter Area 2 ASE 0 NSSA 0 Check the LSDB on Router A RouterA display ospf lsdb OSPF Process 1 with Router ID 1 1 1 1 Link State Database Area 0 0 0 0 Type LinkState ID AdvRouter Age Len Sequence Metric Router 2 2 2 2 2 2 2 2 317 48 80000003 1 Router 1 1 1 1 1 1 1 1 316 48 80000002 1 Sum Net 172 16 1 0 1 1 1 1 25...

Page 370: ...quence 5 ttl 253 time 63 ms 172 16 1 1 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 16 59 94 ms End Configuration Files l Configuration file of Router A sysname RouterA router id 1 1 1 1 interface Pos1 0 0 link protocol ppp undo shutdown ip address 192 168 0 1 255 255 255 0 interface Pos2 0 0 link protocol ppp undo shutdown ip address 192 168 1...

Page 371: ...RouterD router id 4 4 4 4 interface GigabitEthernet2 0 0 undo shutdown ip address 172 17 1 1 255 255 255 0 interface Pos1 0 0 link protocol ppp undo shutdown ip address 192 168 2 2 255 255 255 0 ospf 1 area 0 0 0 2 network 192 168 2 0 0 0 0 255 network 172 17 1 0 0 0 0 255 return l Configuration file of Router E sysname RouterE router id 5 5 5 5 interface GigabitEthernet2 0 0 undo shutdown ip addr...

Page 372: ...red between Router A and Router B Figure 5 7 Networking diagram of configuring OSPF virtual links RouterA RouterB POS1 0 0 192 168 1 1 24 POS1 0 0 192 168 1 2 24 GE2 0 0 172 16 1 1 16 GE2 0 0 10 1 1 1 8 Area0 Area2 Area1 Virtual Link GE2 0 0 10 1 1 2 8 RouterC GE2 0 0 172 16 1 2 16 RouterD Configuration Roadmap The configuration roadmap is as follows 1 Configure basic OSPF functions on each router...

Page 373: ...outing OSPF Process 1 with Router ID 1 1 1 1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10 0 0 0 8 1 Transit 10 1 1 1 3 3 3 3 0 0 0 0 192 168 1 0 24 1 Stub 192 168 1 1 1 1 1 1 0 0 0 1 Total Nets 2 Intra Area 2 Inter Area 0 ASE 0 NSSA 0 The routing table on Router A contains no route in Area 2 because Area 2 is not directly connected to Area 0 Step 4 Configure a...

Page 374: ... shutdown ip address 192 168 1 1 255 255 255 0 ospf 1 router id 1 1 1 1 area 0 0 0 0 network 10 0 0 0 0 255 255 255 area 0 0 0 1 network 192 168 1 0 0 0 0 255 vlink peer 2 2 2 2 return l Configuration file of Router B sysname RouterB interface GigabitEthernet2 0 0 undo shutdown ip address 172 16 1 1 255 255 0 0 interface Pos1 0 0 link protocol ppp undo shutdown ip address 192 168 1 2 255 255 255 0...

Page 375: ...and therefore is elected as the DR Router C has the second highest priority and is elected as the BDR The priority of Router B is 0 and therefore Router B cannot be elected as the DR or BDR The priority of Router D is not configured and its default value is 1 Figure 5 8 Configuring DR election of OSPF RouterB RouterA RouterD GE1 0 0 192 168 1 2 24 GE1 0 0 192 168 1 1 24 GE1 0 0 192 168 1 4 24 Rout...

Page 376: ...2 2 RouterB ospf RouterB ospf 1 area 0 RouterB ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 RouterB ospf 1 area 0 0 0 0 quit Configure Router C RouterC router id 3 3 3 3 RouterC ospf RouterC ospf 1 area 0 RouterC ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 quit Configure Router D RouterD router id 4 4 4 4 RouterD ospf RouterD ospf 1 area 0 RouterD ospf 1 area...

Page 377: ...ty 100 RouterA GigabitEthernet1 0 0 quit Configure Router B RouterB interface GigabitEthernet 1 0 0 RouterB GigabitEthernet1 0 0 ospf dr priority 0 RouterB GigabitEthernet1 0 0 quit Configure Router C RouterC interface GigabitEthernet 1 0 0 RouterC GigabitEthernet1 0 0 ospf dr priority 2 RouterC GigabitEthernet1 0 0 quit View the DR BDR status RouterD display ospf peer OSPF Process 1 with Router I...

Page 378: ... 1 3 State Full Mode Nbr is Slave Priority 2 DR 192 168 1 1 BDR 192 168 1 3 MTU 0 Dead timer due in 37 sec Retrans timer interval 5 Neighbor is up for 00 07 17 Authentication Sequence 0 View the status of the OSPF interface RouterA display ospf interface OSPF Process 1 with Router ID 1 1 1 1 Interfaces Area 0 0 0 0 MPLS TE not enabled IP Address Type State Cost Pri DR BDR 192 168 1 1 Broadcast DR ...

Page 379: ...twork 192 168 1 0 0 0 0 255 return l Configuration file of Router C sysname RouterC router id 3 3 3 3 interface GigabitEthernet1 0 0 undo shutdown ip address 192 168 1 3 255 255 255 0 ospf dr priority 2 ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 return l Configuration file of Router D sysname RouterD router id 4 4 4 4 interface GigabitEthernet1 0 0 undo shutdown ip address 192 168 1 4 255 2...

Page 380: ...gh Router C and Router D Figure 5 9 Networking diagram of configuring OSPF load balancing RouterA RouterB RouterD RouterE POS1 0 0 POS3 0 0 POS1 0 0 POS2 0 0 POS1 0 0 POS2 0 0 POS1 0 0 GE4 0 0 GE4 0 0 Area0 POS2 0 0 POS3 0 0 POS2 0 0 RouterC POS1 0 0 POS2 0 0 Device Interface IP Address Device Interface IP Address RouterA POS1 0 0 10 1 1 1 24 RouterC POS1 0 0 10 1 2 2 24 POS2 0 0 10 1 2 1 24 POS2 ...

Page 381: ...f Area 0 is 10 1 2 0 8 and 192 168 1 0 8 l For Router D the router ID is 4 4 4 4 the OSPF process number is 1 and the network segment of Area 0 is 10 1 3 0 8 and 192 168 2 0 8 l For Router E the router ID is 5 5 5 5 the OSPF process number is 1 and the network segment of Area 0 is 192 168 0 0 24 192 168 1 0 24 192 168 2 0 24 and 172 17 1 0 24 l The number of load balancing paths on Router A is 2 l...

Page 382: ...A ospf 1 maximum load balancing 2 RouterA ospf 1 quit View the routing table of Router A As shown in the routing table Router A has only two valid next hops 10 1 1 2 Router B and 10 1 2 2 Router C This is because the maximum number of equal cost routes is set to 2 RouterA display ip routing table Route Flags R relay D download to fib Routing Tables Public Destinations 12 Routes 13 Destination Mask...

Page 383: ...next hops being 10 1 2 2 and 10 1 3 2 is higher than that of the route with the next hop being 10 1 1 2 Therefore Router A has only two valid next hops 10 1 2 2 Router C and 10 1 3 2 Router D End Configuration Files l Configuration file of Router A sysname RouterA interface GigabitEthernet3 1 0 undo shutdown ip address 172 16 1 1 255 255 255 0 interface pos1 0 0 link protocol ppp undo shutdown ip ...

Page 384: ...ss 192 168 1 1 255 255 255 0 ospf 1 router id 3 3 3 3 area 0 0 0 0 network 10 1 2 0 0 255 255 255 network 192 168 1 0 0 0 255 255 Return l Configuration file of Router D sysname RouterD interface pos1 0 0 link protocol ppp undo shutdown ip address 10 1 3 2 255 255 255 0 interface pos2 0 0 link protocol ppp undo shutdown ip address 192 168 2 1 255 255 255 0 ospf 1 router id 4 4 4 4 area 0 0 0 0 net...

Page 385: ...nd storage resource consumption on the router As shown in Figure 5 10 OSPF is enabled on all routers and the entire AS is partitioned into three areas Router A and Router B function as ABRs to forward inter area routes Router D functions as an ASBR to import the external static route 200 0 0 0 8 To reduce the number of LSAs advertised to Area 1 without affecting the route reachability configure Ar...

Page 386: ...ace For details about the configuration see the configuration files Step 2 Configure basic OSPF functions 5 2 Configuring Basic OSPF Functions shows how to configure basic OSPF functions For details about the configuration see the configuration files Step 3 Configure Router D to import the static route 200 0 0 0 8 RouterD ip route static 200 0 0 0 8 null 0 RouterD ospf RouterD ospf 1 import route ...

Page 387: ... 1 1 1 1 0 0 0 1 192 168 1 0 24 1 Stub 192 168 1 2 3 3 3 3 0 0 0 1 192 168 2 0 24 3 Inter area 192 168 1 1 1 1 1 1 0 0 0 1 Total Nets 4 Intra Area 1 Inter Area 3 ASE 0 NSSA 0 After Area 1 where Router C resides is configured as a stub area a default route not an AS external route exists in the routing table Step 5 Prevent Type 3 LSAs from being advertised to the stub area RouterA ospf RouterA ospf...

Page 388: ...8 1 1 255 255 255 0 ospf 1 area 0 0 0 0 network 192 168 0 0 0 0 0 255 area 0 0 0 1 network 192 168 1 0 0 0 0 255 stub no summary return l Configuration file of Router B sysname RouterB router id 2 2 2 2 interface Pos1 0 0 link protocol ppp undo shutdown ip address 192 168 0 2 255 255 255 0 interface Pos2 0 0 link protocol ppp undo shutdown ip address 192 168 2 1 255 255 255 0 ospf 1 area 0 0 0 0 n...

Page 389: ... AS as an NSSA does not transmit routes learned from other areas in the AS but external routes imported This reduces bandwidth and storage resource consumption on the router As shown in Figure 5 11 OSPF is enabled on all routers and the entire AS is partitioned into three areas Router A and Router B function as ABRs to forward inter area routes Router D functions as an ASBR to import the external ...

Page 390: ...Router A OSPF process ID 1 network segment 192 168 0 0 24 of Area 0 network segments 192 168 1 0 24 and 192 168 3 0 24 of Area 1 l Router ID 2 2 2 2 of Router B OSPF process ID 1 network segment 192 168 2 0 24 of Area 0 network segments 192 168 1 0 24 and 192 168 4 0 24 of Area 1 l Router ID 3 3 3 3 of Router C OSPF process ID 1 network segments 192 168 0 0 24 and 192 168 2 0 24 of Area 0 l Router...

Page 391: ...1 area 1 RouterD ospf 1 area 0 0 0 1 network 192 168 3 0 0 0 0 255 RouterD ospf 1 area 0 0 0 1 network 192 168 4 0 0 0 0 255 RouterD ospf 1 area 0 0 0 1 quit View the OSPF routing table on Router D RouterD display ospf routing OSPF Process 1 with Router ID 4 4 4 4 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 192 168 3 0 24 1 Transit 192 168 3 2 4 4 4 4 0 0 0 1 19...

Page 392: ...nfigure Router D to import the static route 10 0 0 0 8 RouterD ip route static 10 0 0 0 8 null 0 RouterD ospf RouterD ospf 1 import route static RouterD ospf 1 quit View the OSPF routing table on Router C RouterC display ospf routing OSPF Process 1 with Router ID 3 3 3 3 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 192 168 0 0 24 1 Transit 192 168 0 2 3 3 3 3 0 0...

Page 393: ...192 168 0 1 1 1 1 1 0 0 0 0 192 168 4 0 24 2 Inter area 192 168 2 1 2 2 2 2 0 0 0 0 Routing for ASEs Destination Cost Type Tag NextHop AdvRouter 10 0 0 0 8 1 Type2 1 192 168 0 1 1 1 1 1 Total Nets 7 Intra Area 2 Inter Area 4 ASE 1 NSSA 0 The command output shows that Router C has imported the AS external route and the router with the router ID of 1 1 1 1 will advertise LSAs carrying information ab...

Page 394: ...168 4 2 255 255 255 0 ospf 1 area 0 0 0 0 network 192 168 2 0 0 0 0 255 area 0 0 0 1 network 192 168 1 0 0 0 0 255 network 192 168 4 0 0 0 0 255 nssa return l Configuration file of Router C sysname RouterC router id 3 3 3 3 interface Pos1 0 0 link protocol ppp undo shutdown ip address 192 168 0 2 255 255 255 0 interface Pos2 0 0 link protocol ppp undo shutdown ip address 192 168 2 2 255 255 255 0 ...

Page 395: ...As a result multicast forwarding entries will not be created As shown in Figure 5 12 Router A Router B Router C Router D and Router E are running OSPF Router B and Router D set up an MPLS TE tunnel with the tunnel interface Tunnel 1 0 0 and Router B is configured with IGP Shortcut The outbound interface calculated by Router B may be the TE tunnel interface not the physical interface GE 2 0 0 Route...

Page 396: ... Enable PIM SM on each router 3 Configure an MPLS RSVP TE tunnel 4 Configure an MPLS TE tunnel and enable IGP Shortcut for it on Router B 5 Enable local OSPF MT on Router B Data Preparation To complete the configuration you need the following data l IP address of each interface on each router as shown in Table 5 3 Table 5 3 IP address of each interface router IP Address of Loopback 0 Router A 1 1 ...

Page 397: ...uter E are similar to those on Router A The detailed configurations are not provided here Enable IGMP on Ethernet 1 0 0 of Router A RouterA interface Gigabitethernet 1 0 0 RouterA GigabitEthernet1 0 0 igmp enable RouterA GigabitEthernet1 0 0 igmp version 3 RouterA GigabitEthernet1 0 0 quit Configure a C BSR and a C RP Configure a C BSR and a C RP on Router D RouterD pim RouterD pim c bsr Gigabitet...

Page 398: ...interface Gigabitethernet 1 0 0 RouterC GigabitEthernet1 0 0 mpls RouterC GigabitEthernet1 0 0 mpls te RouterC GigabitEthernet1 0 0 mpls rsvp te RouterC GigabitEthernet1 0 0 quit RouterC interface Gigabitethernet 2 0 0 RouterC GigabitEthernet2 0 0 mpls RouterC GigabitEthernet2 0 0 mpls te RouterC GigabitEthernet2 0 0 mpls rsvp te RouterC GigabitEthernet2 0 0 quit RouterC ospf 1 RouterC ospf 1 opaq...

Page 399: ... Tunnel1 0 0 10 0 0 0 24 Direct 0 0 D 10 0 0 2 GigabitEthernet1 0 0 10 0 0 2 32 Direct 0 0 D 127 0 0 1 InLoopBack0 10 0 1 0 24 Direct 0 0 D 10 0 1 2 GigabitEthernet2 0 0 10 0 1 2 32 Direct 0 0 D 127 0 0 1 InLoopBack0 10 0 2 0 24 OSPF 10 2 D 10 0 1 1 GigabitEthernet2 0 0 OSPF 10 2 D 10 0 1 1 Tunnel1 0 0 10 0 3 0 24 OSPF 10 2 D 2 2 2 2 Tunnel1 0 0 127 0 0 0 8 Direct 0 0 D 127 0 0 1 InLoopBack0 127 0...

Page 400: ...ast routing table on Router C End Configuration Files l Configuration file of Router A sysname RouterA router id 1 1 1 1 multicast routing enable interface GigabitEthernet2 0 0 undo shutdown ip address 10 0 0 1 255 255 255 0 pim sm igmp version 3 interface GigabitEthernet1 0 0 undo shutdown ip address 172 16 1 1 255 255 255 0 pim sm igmp enable interface LoopBack0 ip address 1 1 1 1 255 255 255 25...

Page 401: ...55 pim sm interface Tunnel1 0 0 ip address unnumbered interface LoopBack0 tunnel protocol mpls te destination 4 4 4 4 mpls te tunnel id 100 mpls te igp shortcut ospf mpls te igp metric relative 10 mpls te commit pim C BSR LoopBack0 C RP LoopBack0 return l Configuration file of Router C sysname RouterC multicast routing enable mpls lsr id 3 3 3 3 mpls mpls te mpls rsvp te ospf 1 opaque capability e...

Page 402: ...Ethernet1 0 0 undo shutdown ip address 10 0 3 1 255 255 255 0 pim sm interface GigabitEthernet2 0 0 undo shutdown ip address 10 0 2 1 255 255 255 0 pim sm mpls mpls te mpls rsvp te interface LoopBack0 ip address 4 4 4 4 255 255 255 255 pim sm ospf 1 opaque capability enable area 0 0 0 0 network 10 0 2 0 0 0 0 255 network 10 0 3 0 0 0 0 255 network 4 4 4 4 0 0 0 0 mpls te enable pim C BSR GigabitEt...

Page 403: ...ansmitted at gigabit rates long time fault detection will cause packet loss This cannot meet high reliability requirements of the carrier class network BFD for OSPF is used to resolve the problem After BFD for OSPF is configured the link status can be rapidly detected and fault detection can be completed in milliseconds This speeds up OSPF convergence when the link status changes For example as sh...

Page 404: ... 3 3 of Router C OSPF process ID 1 network segments 1 1 1 0 24 and 2 2 2 0 24 of Area 0 l Minimum intervals at which BFD packets are sent and received and the local detection multiplier on Router A and Router B Procedure Step 1 Assign an IP address to each interface Figure 5 13 shows how to assign an IP address to each interface For details about the configuration see the configuration files Step ...

Page 405: ... 1 1 1 1 1 0 0 0 0 2 2 2 0 24 2 Transit 3 3 3 2 3 3 3 3 0 0 0 0 2 2 2 0 24 2 Transit 1 1 1 2 3 3 3 3 0 0 0 0 1 1 1 0 24 1 Transit 1 1 1 1 1 1 1 1 0 0 0 0 Total Nets 5 Intra Area 5 Inter Area 0 ASE 0 NSSA 0 The preceding command output shows that the next hop address of the route to 172 16 1 0 24 is 3 3 3 2 and service traffic is transmitted on the primary link from Router A to Router B Step 3 Conf...

Page 406: ...mary link fault RouterB interface gigabitethernet 2 0 0 RouterB GigabitEthernet2 0 0 shutdown Check the routing table on Router A RouterA display ospf routing OSPF Process 1 with Router ID 1 1 1 1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 172 16 1 0 24 2 Stub 1 1 1 2 2 2 2 2 0 0 0 0 3 3 3 0 24 1 Stub 3 3 3 1 1 1 1 1 0 0 0 0 2 2 2 0 24 2 Transit 1 1 1 2 3 3 3 3...

Page 407: ...enable bfd all interface min tx interval 500 min rx interval 500 detect multiplier 4 area 0 0 0 0 network 3 3 3 0 0 0 0 255 network 2 2 2 0 0 0 0 255 network 172 16 1 0 0 0 0 255 return l Configuration file of Router C sysname RouterC router id 3 3 3 3 bfd interface GigabitEthernet1 0 0 undo shutdown ip address 1 1 1 2 255 255 255 0 interface GigabitEthernet2 0 0 undo shutdown ip address 2 2 2 1 2...

Page 408: ... 2 Set the cost to ensure that the link from Router A to Router C is preferred 3 Enable OSPF IP FRR on Router A to protect the traffic forwarded by Router A Data Preparation To complete the configuration you need the following data l Router ID 1 1 1 1 OSPF process ID 1 network segment addresses in Area 1 10 1 1 0 and 10 2 1 0 and interface cost as shown in Figure 5 14 of Router A l Router ID 2 2 2...

Page 409: ...re Router D RouterD router id 4 4 4 4 RouterD ip route static 172 16 1 1 255 255 255 255 NULL0 RouterD ospf RouterD ospf 1 import route static RouterD ospf 1 area 1 RouterD ospf 1 area 0 0 0 1 network 10 4 1 0 0 0 0 255 Step 3 Enable OSPF IP FRR on Router A Enable OSPF IP FRR on Router A RouterA ospf RouterA ospf 1 frr RouterA ospf 1 frr loop free alternate Step 4 Verify the configuration View inf...

Page 410: ...55 return l Configuration file of Router B sysname RouterB router id 2 2 2 2 interface GigabitEthernet1 0 1 undo shutdown ip address 10 1 1 2 255 255 255 0 ospf cost 9 interface GigabitEthernet1 0 2 undo shutdown ip address 10 3 1 1 255 255 255 0 ospf cost 5 ospf 1 area 0 0 0 1 network 10 3 1 0 0 0 0 255 network 10 1 1 0 0 0 0 255 return l Configuration file of Router C sysname RouterC router id 3...

Page 411: ...5 NULL0 return 5 16 10 Example for Configuring OSPF GR This part provides an example for configuring OSPF GR to ensure nonstop forwarding when an OSPF process restarts through GR or the active standby switchover is performed Networking Requirements As shown in Figure 5 15 Router A Router B and Router D are installed with the AMB and SMB that back up each other The routers interconnect by means of ...

Page 412: ... l OSPF process number Procedure Step 1 Configure an IP address for each interface For configuration details see Configuration Files in this section Step 2 Configure basic OSPF functions 5 2 Configuring Basic OSPF Functions shows how to configure basic OSPF functions For details about the configuration see the configuration files Step 3 Optional Enable forcible active standby switchover on Router ...

Page 413: ...he user view run the reset ospf process graceful restart command on Router A to restart OSPF process 1 Run the display ospf peer command on Router D to check the OSPF neighbor relationship between Router D and Router A If the status of the OSPF neighbor relationship is Full it indicates that the relationship is not interrupted when Router A restarts the OSPF process through GR RouterA reset ospf 1...

Page 414: ...Reply from 192 168 1 1 bytes 56 Sequence 1 ttl 253 time 90 ms Reply from 192 168 1 1 bytes 56 Sequence 2 ttl 253 time 30 ms Reply from 192 168 1 1 bytes 56 Sequence 3 ttl 253 time 50 ms Reply from 192 168 1 1 bytes 56 Sequence 4 ttl 253 time 60 ms Reply from 192 168 1 1 bytes 56 Sequence 5 ttl 253 time 70 ms 192 168 1 1 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss ro...

Page 415: ...work 10 1 3 0 0 0 0 255 network 192 168 2 0 0 0 0 255 return l Configuration file of Router D sysname RouterD interface GigabitEthernet2 0 0 ip address 192 168 1 1 255 255 255 0 interface Pos1 0 0 link protocol ppp ip address 10 1 1 1 255 255 255 0 ospf 1 opaque capability enable graceful restart area 0 0 0 1 network 192 168 1 0 0 0 0 255 network 10 1 1 0 0 0 0 255 return 5 16 11 Example for Confi...

Page 416: ... POS1 0 0 10 3 1 2 30 Configuration Roadmap The configuration roadmap is as follows 1 Enable OSPF on Router A Router B Router C and Router D except 10 2 1 1 30 and specify the same area for all OSPF interfaces 2 Establish IBGP full connections between Router A Router B Router C and Router D except 10 2 1 1 30 3 Set the OSPF cost on Router C 4 Establish the EBGP connection between Router D and Rout...

Page 417: ...bgp peer 2 2 2 2 as number 10 RouterA bgp peer 2 2 2 2 connect interface LoopBack 0 RouterA bgp peer 3 3 3 3 as number 10 RouterA bgp peer 3 3 3 3 connect interface LoopBack 0 RouterA bgp peer 4 4 4 4 as number 10 RouterA bgp peer 4 4 4 4 connect interface LoopBack 0 RouterA bgp quit Configure Router B RouterB system view RouterB interface LoopBack 0 RouterB LoopBack0 ip address 2 2 2 2 32 RouterB...

Page 418: ... ipv4 quit Step 5 Set the cost of OSPF on Router C RouterC interface pos 1 0 0 RouterC Pos1 0 0 ospf cost 2 RouterC Pos1 0 0 quit RouterC interface pos 2 0 0 RouterC Pos2 0 0 ospf cost 2 RouterC Pos2 0 0 quit NOTE After the cost of OSPF on Router C is set to 2 Router A chooses only Router B as the intermediate router to the network segment 10 2 1 0 Router C becomes the backup router of Router B Vi...

Page 419: ... 3 1 32 Direct 0 0 D 127 0 0 1 InLoopBack0 10 1 3 2 32 Direct 0 0 D 10 1 3 2 Pos2 0 0 10 1 4 0 30 OSPF 10 2 D 10 1 3 2 Pos2 0 0 10 1 4 1 32 IBGP 255 0 RD 10 1 3 2 Pos2 0 0 10 2 1 0 30 EBGP 255 0 RD 10 1 3 2 Pos2 0 0 10 2 1 2 32 EBGP 255 0 RD 10 1 3 2 Pos2 0 0 10 3 1 0 30 EBGP 255 0 RD 10 1 3 2 Pos2 0 0 As shown in the routing table Router B learns the route to the network segment 10 3 1 0 through ...

Page 420: ...Mask Proto Pre Cost Flags NextHop Interface 1 1 1 1 32 OSPF 10 65536 D 10 1 1 1 Pos1 0 0 2 2 2 2 32 Direct 0 0 D 127 0 0 1 InLoopBack0 4 4 4 4 32 OSPF 10 65536 D 10 1 3 2 Pos2 0 0 10 1 1 0 30 Direct 0 0 D 10 1 1 2 Pos1 0 0 10 1 1 1 32 Direct 0 0 D 10 1 1 1 Pos1 0 0 10 1 1 2 32 Direct 0 0 D 127 0 0 1 InLoopBack0 10 1 2 0 30 OSPF 10 65536 D 10 1 1 1 Pos1 0 0 10 1 3 0 30 Direct 0 0 D 10 1 3 1 Pos2 0 ...

Page 421: ...n ip address 10 1 2 1 255 255 255 252 interface LoopBack0 ip address 1 1 1 1 255 255 255 255 bgp 10 router id 1 1 1 1 peer 2 2 2 2 as number 10 peer 2 2 2 2 connect interface LoopBack 0 peer 3 3 3 3 as number 10 peer 3 3 3 3 connect interface LoopBack 0 peer 4 4 4 4 as number 10 peer 4 4 4 4 connect interface LoopBack 0 ipv4 family unicast undo synchronization peer 2 2 2 2 enable peer 3 3 3 3 enab...

Page 422: ...le of Router C sysname RouterC router id 3 3 3 3 interface Pos1 0 0 link protocol ppp undo shutdown ip address 10 1 4 1 255 255 255 252 interface Pos2 0 0 link protocol ppp undo shutdown ip address 10 1 2 2 255 255 255 252 interface LoopBack0 ip address 3 3 3 3 255 255 255 255 bgp 10 router id 3 3 3 3 peer 1 1 1 1 as number 10 peer 1 1 1 1 connect interface LoopBack 0 peer 2 2 2 2 as number 10 pee...

Page 423: ...umber 10 peer 1 1 1 1 connect interface LoopBack 0 peer 2 2 2 2 as number 10 peer 2 2 2 2 connect interface LoopBack 0 peer 3 3 3 3 as number 10 peer 3 3 3 3 connect interface LoopBack 0 ipv4 family unicast undo synchronization import route direct import route ospf 1 peer 2 2 2 2 enable peer 1 1 1 1 enable peer 5 5 5 5 enable peer 10 2 1 2 enable ospf 1 area 0 0 0 0 network 4 4 4 4 0 0 0 0 network...

Page 424: ...ecifying the valid TTL range of packets Networking Requirements As shown on the network shown in Figure 5 17 routers run OSPF and GTSM is enabled on Router A Router B and Router C Figure 5 17 Networking diagram of OSPF GTSM RouterA RouterB Virtual Link Area0 RouterC Area1 Network RouterD POS1 0 0 192 168 1 2 24 GE1 0 0 10 1 1 2 8 GE3 0 0 10 1 1 1 8 POS1 0 0 192 168 1 1 24 POS2 0 0 192 168 2 1 24 P...

Page 425: ...kets from Router C to other routers is 254 to 255 RouterC ospf valid ttl hops 2 Step 4 Verify the configuration Check whether OSPF neighbor relationships between routers are successfully established Take the display on Router C as an example The neighbor relationship is Full indicating that the neighbor relationship is successfully established RouterC display ospf peer OSPF Process 1 with Router I...

Page 426: ...LDP 0 0 0 5 OSPFv3 0 0 0 5 RIP 0 0 0 7 BGP 0 0 0 7 BGPv6 0 0 0 7 OSPF 0 0 0 7 LDP 0 0 0 7 OSPFv3 0 0 0 7 RIP 0 0 0 End Configuration files l Configuration file of Router A sysname RouterA router id 1 1 1 1 interface GigabitEthernet3 0 0 undo shutdown ip address 10 1 1 1 255 0 0 0 interface Pos1 0 0 link protocol ppp undo shutdown ip address 192 168 1 1 255 255 255 0 interface Pos2 0 0 link protoco...

Page 427: ... 2 return l Configuration file of Router C sysname RouterC router id 3 3 3 3 interface Pos1 0 0 link protocol ppp undo shutdown ip address 192 168 2 2 255 255 255 0 ospf 1 area 0 0 0 1 network 192 168 2 0 0 0 0 255 vlink peer 1 1 1 1 ospf valid ttl hops 2 return l Configuration file of Router D sysname RouterD router id 4 4 4 4 interface GigabitEthernet1 0 0 undo shutdown ip address 10 1 1 2 255 0...

Page 428: ...f valid ttl hops 3 return HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 5 OSPF Configuration Issue 02 2014 09 30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 403 ...

Page 429: ... NSSA Areas Configuring a non backbone area on the border of an AS as an NSSA does not transmit routes learned from other areas in the AS but imports AS external routes This reduces bandwidth and storage resource consumption on the router 6 6 Configuring OSPFv3 Route Attributes By setting OSPFv3 route attributes you can change OSPFv3 routing policies to meet the requirements of complex networks 6 ...

Page 430: ...hanisms to authenticate sent and received OSPFv3 packets protecting devices against forged OSPFv3 packets 6 13 Improving OSPFv3 Network Security If an Open Shortest Path First version 3 OSPFv3 network requires high security you can configure OSPFv3 generalized TTL security mechanism GTSM and an authentication mode to improve network security 6 14 Configuring the Network Management Function of OSPF...

Page 431: ...SPFv3 is independent of IPv6 address prefixes l OSPFv3 identifies its neighbors with the IPv6 link local addresses l OSPFv3 has three new types of LSA flooding scopes 6 1 2 OSPFv3 Features Supported by NE80E 40E The NE80E 40E supports various OSPFv3 features including multi process and GR The NE80E 40E supports the following OSPFv3 features l Basic features stipulated in RFC 2740 l OSPFv3 stub are...

Page 432: ...basic OSPFv3 functions complete the following tasks l Making the network layers of the adjacent nodes accessible l Enabling IPv6 capabilities Data Preparation To configure basic OSPFv3 functions you need the following data No Data 1 Router ID 2 OSPFv3 process ID 3 Interfaces on which OSPFv3 needs to be enabled and their areas 6 2 2 Enabling OSPFv3 Creating an OSPFv3 process is a prerequisite for c...

Page 433: ...nd 6 2 3 Enabling OSPFv3 on an Interface For an interface with multiple instances you need to specify which instance of the interface is enabled in the OSPFv3 process when enabling OSPFv3 on the interface Context After enabling OSPFv3 in the system view you need to enable OSPFv3 on the interface Because an interface has multiple instances you need to specify which instance of the interface is enab...

Page 434: ...s and specifying areas to which these interfaces belong OSPFv3 can discover and calculate routes in an AS Context You must configure the devices in the same area based on the area Otherwise the neighbor devices cannot exchange information with each other The congestion of routing information or routing loop is therefore caused Procedure Step 1 Run system view The system view is displayed Step 2 Ru...

Page 435: ... ospfv3 process id area area id peer interface type interface number verbose command or display ospfv3 process id area area id peer neighbor id verbose command to check the information about the OSPFv3 neighbor l Run the commands as follow to check the OSPFv3 routing table display ospfv3 process id routing uninstalled display ospfv3 process id routing abr routes asbr routes statistics uninstalled ...

Page 436: ...y l Configuring Basic OSPFv3 Functions Data Preparation To establish or maintain the OSPFv3 neighbor relationship you need the following data No Data 1 Interval for sending Hello packets 2 Dead time of the neighbor relationship 3 Interval for retransmitting LSAs to adjacent routers 4 Delay in sending LSAs 6 3 2 Configuring the Interval for Sending Hello Packets By adjusting the Hello interval set ...

Page 437: ...he neighbor relationship The dead time must be at least four times the Hello interval on an interface Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Step 3 Run ospfv3 timer dead interval instance instance id The dead time of the neighbor relationship is specified End 6 3 4 Configuring the Interval f...

Page 438: ...t takes time to transmit OSPFv3 packets on a link Therefore a certain delay is added to the aging time of an LSA before the LSA is sent Context The LSA ages out in the LSDB of a local router instead of in the transmission process You need to set the delay for an LSA before sending it For a low speed network this configuration is necessary Procedure Step 1 Run system view The system view is display...

Page 439: ...the AS boundary is a non backbone area with only one ABR Applicable Environment To reduce the number of LSAs in the network and enhance OSPFv3 extensibility define OSPFv3 areas For some non backbone areas at the edge of ASs you can define them as stub areas for further reducing the size of the routing table and the number of LSAs The current NE80E 40E version does not support OSPFv3 NSSA areas Pre...

Page 440: ... be sent to the stub area This command does not need to be configured on other routers in the stub area The parameter no summary takes effect only when the stub command is configured on the ABR If this parameter is configured the ABR only sends the summary LSA of a default route to the stub area without originating other summary LSAs The stub area without AS external LSAs or Summary LSAs is called...

Page 441: ...ance instance id A virtual link is created and configured End 6 4 4 Checking the Configurations After OSPFv3 area attributes are configured you can check the OSPFv3 LSDB routing table and virtual links Prerequisites The OSPFv3 Areas has been configured Procedure l Run the commands as follow to check the LSDB information about OSPFv3 display ospfv3 process id lsdb area area id originate router adve...

Page 442: ... Applicable Environment An NSSA allows the transmission of Type 7 LSAs which are generated by ASBRs in an NSSA The Type 7 LSAs converting into Type 5 LSAs in the NSSA and advertised to other areas Pre configuration Tasks Before configuring an OSPFv3 NSSA complete the following tasks l Configuring IP addresses for interfaces to make neighboring nodes reachable l Configuring basic OSPFv3 functions D...

Page 443: ...ributes is complete 6 5 3 Checking the Configurations After OSPFv3 NSSAs are configured you can check OSPFv3 routing table information Prerequisites OSPFv3 NSSAs has been configured Procedure l Run the display ospfv3 area command to check information about OSPFv3 areas l Run the commands as follow to check the OSPFv3 routing table display ospfv3 process id routing uninstalled display ospfv3 proces...

Page 444: ... following tasks l Enabling IPv6 capability l Configuring Basic OSPFv3 Functions Data Preparation To configure OSPFv3 route attributes you need the following data No Data 1 Link cost 2 Maximum number of equal cost routes 6 6 2 Setting the Cost of the OSPFv3 Interface OSPFv3 can automatically calculate the link cost for an interface according to the interface bandwidth You can also set the link cos...

Page 445: ...eferences are selected for load balancing For details about route preference configuration see Step 4 2 Interface index If routes have the same priorities routes with higher interface index values are selected for load balancing 3 Next hop IP address If routes have the same priorities and interface index values routes with larger IP address are selected for load balancing Step 4 Optional Run nexth...

Page 446: ...3 process id routing abr routes asbr routes statistics uninstalled ipv6 address prefix length intra routes inter routes ase routes nssa routes End 6 7 Controlling OSPFv3 Routing Information This section describes how to control OSPFv3 routing information Detailed operations include configuring route aggregation filtering the received routes and importing external routes 6 7 1 Before You Start Befo...

Page 447: ...summary command to summarize them into one network segment In this way the ABR only sends an LSA after summarization No LSA that belongs to the summarization network segment is separately transmitted therefore reducing the LSDB size of other areas When a large number of routes are imported use the asbr summary command to summarize the imported routes and set the delay for advertising the summarize...

Page 448: ...ed route By default the cost of a summarized route is the maximum cost among those of routes that are summarized The value ranges from 1 to 16777214 tag tag specifies the tag used to control route advertisement The value of this parameter ranges from 1 to 4294967295 If not advertise is specified in the command the summarized IPv6 route that matches a specified IPv6 prefix or prefix length is not a...

Page 449: ...ule is permit a route that matches the rule will be received or advertised by the system If the action specified in an ACL rule is deny a route that matches the rule will not be received or advertised by the system If a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that refere...

Page 450: ...a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configurat...

Page 451: ...1 Run system view The system view is displayed Step 2 Run ospfv3 process id The OSPFv3 view is displayed Step 3 Run default cost cost tag tag type type The default cost of the imported route is set Step 4 Run import route protocol process id cost cost inherit cost type type tag tag route policy route policy name External routes are imported Step 5 Optional Run import route bgp permit ibgp cost cos...

Page 452: ...e route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a rou...

Page 453: ...e received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes...

Page 454: ... and speeds up network convergence Context After filtering conditions are set for the incoming or outgoing Type 3 LSAs Inter Area Prefix LSAs in an area only the Type 3 LSAs that meet the filtering conditions can be received or advertised This function is applicable only to the ABR Procedure Step 1 Run system view The system view is displayed Step 2 Run ospfv3 process id The OSPFv3 process view is...

Page 455: ...he ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule ...

Page 456: ...en matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other ...

Page 457: ...s matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Ro...

Page 458: ...l routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in th...

Page 459: ...d self originate external ipv6 address prefix length link state id l Run the commands as follow to check the OSPFv3 routing table display ospfv3 process id routing uninstalled display ospfv3 process id routing abr routes asbr routes statistics uninstalled ipv6 address prefix length intra routes inter routes ase routes nssa routes End 6 8 Optimizing an OSPFv3 Network By configuring OSPFv3 functions...

Page 460: ...Configuring the SPF Timer By setting the interval for SPF calculation you can reduce resource consumption caused by frequent network changes Context Whenever the LSDB of OSPFv3 changes the shortest path should be recalculated Calculating the shortest path each time the LSDB changes consumes enormous resources and lowers the efficiency of a router Adjusting the SPF delay and hold interval can suppr...

Page 461: ...s Context When a network is unstable control the minimum interval for receiving the same LSA update To prevent unnecessary LSA updates caused by network changes by default set the interval for receiving the same LSA update to 1000 ms Procedure Step 1 Run system view The system view is displayed Step 2 Run ospfv3 process id The OSPFv3 view is displayed Step 3 Run lsa arrival interval arrival interv...

Page 462: ...LSAs End 6 8 5 Suppressing an Interface from Sending and Receiving OSPFv3 Packets By suppressing the OSPFv3 interface from receiving and sending OSPFv3 packets you can prevent routers on a certain network from obtaining OSPFv3 routing information and prevent the local router from receiving routing information from other routers Context To prevent a router from advertising routes to the router on a...

Page 463: ...the DR priority for each interface to change the results of DR BDR election on the network Context The DR priority on a router interface qualifies the interface for the Designated Router DR election If the DR priority is 0 the router cannot be elected as a DR or Backup Designated Router BDR Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface ...

Page 464: ...ep 2 Run ospfv3 process id The OSPFv3 process view is displayed Step 3 Run stub router on startup interval The stub router is configured NOTE There is no correlation between the stub router configured through this command and the router in the stub area End 6 8 8 Ignoring MTU Check on DD Packets By disabling an interface from checking the MTU field in the received DD packet you can enable an OSPFv...

Page 465: ...ress prefix length link state id l Run the commands as follow to check the OSPFv3 routing table display ospfv3 process id routing uninstalled display ospfv3 process id routing abr routes asbr routes statistics uninstalled ipv6 address prefix length intra routes inter routes ase routes nssa routes End 6 9 Configuration OSPFv3 GR By configuring OSPFv3 GR you can avoid inaccurate route calculation an...

Page 466: ...The system view is displayed Step 2 Run ospfv3 process id The OSPFv3 view is displayed Step 3 Run graceful restart period period ack time time retransmit interval interval lsa checking ignore planned only OSPFv3 GR is enabled By default OSPFv3 GR is disabled ack time is optional After ack time is specified the restarter can discover more neighbors in the time period End 6 9 3 Enabling the Helper o...

Page 467: ...ce vpn instance name A rule is configured for the basic ACL When the rule command is run to configure rules for a named ACL only the source address range specified by source and the time period specified by time range are valid as the rules l Configure an advanced ACL 1 Run helper role acl name acl name max grace period period planned only lsa checking ignore The helper of OSPFv3 GR is enabled 2 R...

Page 468: ...ith ID 0 0 0 0 Process 1 Graceful restart capability enabled Graceful restart support planned and unplanned strict lsa check Grace Period Configured 120 Sec Last Restart exit Reason none Helper capability enabled Helper support planned and unplanned strict lsa check Max Grace Period Configured 1800 Sec Last Helper exit Reason none 6 10 Configuring BFD for OSPFv3 If there are high requirements for ...

Page 469: ...actions to perform route calculation and converge in the new network topology Pre configuration Tasks Before configuring BFD in OSPFv3 complete the following task l Configuring Basic OSPFv3 Functions Data Preparation To configure BFD for OSPFv3 you need the following data No Data 1 OSPFv3 process ID 2 Minimum Transmission Interval 3 Minimum Receive Interval 4 Detect Multiplier 6 10 2 Enabling BFD ...

Page 470: ...min receive interval min receive value detect multiplier detect multiplier value OSPFv3 BFD parameters are configured You can skip this step The default interval at which BFD packets are transmitted and the default detection multiplier are recommended The parameters are configured based on the network status and network reliability requirements A short interval at which BFD packets are transmitted...

Page 471: ...On the local device the actual interval at which BFD packets are transmitted is 600 ms calculated by using the formula max 200 ms 600 ms the interval at which BFD packets are received is 300 ms calculated by using the formula max 100 ms 300 ms the detection period is 1500 ms calculated by multiplying 300 ms by 5 l On the peer device the actual interval at which BFD packets are transmitted is 300 m...

Page 472: ... id OSPFv3 BFD parameters are configured at interface level You can skip this step The default interval at which BFD packets are transmitted and the default detection multiplier are recommended The parameters are configured based on the network status and network reliability requirements A short interval at which BFD packets are transmitted can be configured for a link that has a higher requiremen...

Page 473: ...which BFD packets are received is 300 ms calculated by using the formula max 100 ms 300 ms the detection period is 1500 ms calculated by multiplying 300 ms by 5 l On the peer device the actual interval at which BFD packets are transmitted is 300 ms calculated by using the formula max 100 ms 300 ms the actual interval at which BFD packets are received is 600 ms calculated by using the formula max 2...

Page 474: ... primary link becomes faulty This protects traffic and therefore greatly improves the reliability of OSPFv3 networks OSPFv3 IP FRR is applicable to the services that are sensitive to packet delay and packet loss Pre configuration Tasks Before configuring OSPFv3 IP FRR complete the following tasks l Configuring IP addresses for interfaces to ensure that neighboring routers are reachable at the netw...

Page 475: ...is section describes how to bind OSPFv3 IP FRR and BFD so that link faults can be detected rapidly This ensures that traffic is rapidly switched to the backup link in the case of link failures Context During the configuration of OSPFv3 IP FRR the lower layer needs to fast respond to the link change so that traffic can be rapidly switched to the backup link in the case of a link failure Bind BFD to...

Page 476: ... Return to the system view 4 Run interface interface type interface number The interface view is displayed 5 Run ospfv3 bfd enable The BFD on the specified interface is enabled with OSPFv3 6 Run ospfv3 bfd frr binding IP FRR is bound to BFD on the OSPFv3 interface End 6 11 4 Optional Disabling OSPFv3 IP FRR on an Interface OSPFv3 IP FRR can be disabled on an interface of a specific device that is ...

Page 477: ...abled End Example View the routes to the specified OSPFv3 device HUAWEI display ospfv3 routing verbose Codes E2 Type 2 External E1 Type 1 External IA Inter Area N NSSA U Uninstalled D Denied by Import Policy Destination CC Prefix Length 64 Metric 21 Type INTRA AREA Nexthop FE80 2E0 50FF FE79 8242 Nexthop Interface GigabitEthernet0 0 1 Backup Nexthop FE80 2E0 D0FF FE02 8142 Backup Interface Gigabit...

Page 478: ...capsulation mode l Configuring Basic OSPFv3 Functions Data Preparation To configure OSPFv3 IPSec you need the following data No Data 1 Security protocol 2 Authentication algorithms used by AH 3 Authentication algorithm used by ESP 4 Encapsulation algorithm used by ESP 5 AH security parameter indexes used for protecting incoming and outgoing traffic 6 ESP security parameter indexes used for protect...

Page 479: ...c sa sa name An SA is configured in the OSPFv3 process An OSPFv3 process can be associated with multiple OSPFv3 areas An SA applied in the OSPFv3 process can be used in the associated areas End 6 12 3 Enabling IPSec in an OSPFv3 Area An SA configured in an OSPFv3 area is used to authenticate the packets of the area Procedure Step 1 Run system view The system view is displayed Step 2 Run ospfv3 pro...

Page 480: ...ep 3 Run ospfv3 ipsec sa sa name An SA is configured on the interface NOTE The SA configured on an OSPFv3 interface takes precedence over that configured in an OSPFv3 process and an OSPFv3 area End 6 12 5 Enabling IPSec on the Virtual Link An SA configured on the Virtual Link is used to authenticate the packets sent and received on the Virtual Link Procedure Step 1 Run system view The system view ...

Page 481: ...played Step 3 Run area area id The OSPFv3 area view is displayed Step 4 Run sham link source address destination address ipsec sa sa name An SA is configured on the sham link NOTE The SA configured on a sham link takes precedence over that configured in an OSPFv3 process and OSPFv3 area 0 End 6 12 7 Checking the Configurations After configuring OSPFv3 IPSec you can view the information about SAs c...

Page 482: ... 0 Number of FULL neighbors 0 Number of Exchange and Loading neighbors 0 Maximum ASE LS ID 1 and Unused list Count 0 Number of LSA originated 0 Number of LSA received 0 SPF Count 0 Non Refresh LSA 0 Non Full Nbr Count 0 Number of areas in this router is 1 IP security association configured sa1 Run the display ospfv3 area command and you can view the SA configured in an OSPFv3 area For example HUAW...

Page 483: ...o Point Timer intervals configured Hello 10 Dead 40 Wait 40 Retransmit 5 Hello due in 00 00 02 Adjacency state Full IP security association configured sa1 IP security association applied sa1 Run the display ospfv3 sham link command and you can view the SA configured on an OSPFv3 sham link For example HUAWEI display ospfv3 sham link OSPFv3 Process 10 Sham Link SHAM LINK1 to router 0 0 0 0 is down A...

Page 484: ... links l In OSPFv3 authentication an authentication field is added to each OSPFv3 packet for encryption When a local device receives an OSPFv3 packet from a remote device the local device discards the packet if the authentication password carried in the packet is different from the local one which protects the local device against potential attacks Therefore OSPFv3 authentication improves network ...

Page 485: ... valid ttl hops command enables OSPFv3 GTSM and sets a TTL value If you specify vpn instance in the command the router checks the TTL values of packets only in this VPN Therefore if you want to apply the configured TTL value to packets only in a VPN or the public network specify pass in the gtsm default action command to prevent the OSPFv3 packets in other instances from being discarded incorrectl...

Page 486: ...Fv3 area authentication 1 Run system view The system view is displayed 2 Run ospfv3 process id The OSPFv3 process view is displayed 3 Run area area id The OSPFv3 area view is displayed 4 Run authentication mode hmac sha256 key id key id plain plain text cipher cipher text keychain keychain name OSPFv3 area authentication is configured NOTE If you use OSPFv3 area authentication the authentication a...

Page 487: ...g Open Shortest Path First version 3 OSPFv3 generalized TTL security mechanism GTSM and an authentication mode check the configurations Prerequisites Improvements on OSPFv3 network security have been made Procedure l Run the display gtsm statistics slot id all command to check GTSM statistics End Example Run the display gtsm statistics command The command output shows GTSM statistics on all boards...

Page 488: ...nfiguring the network management function of OSPFv3 complete the following tasks l Configuring IP addresses for interfaces to make neighboring nodes reachable l Configuring Basic OSPFv3 Functions Data Preparation None 6 14 2 Configuring OSPFv3 MIB Binding The MIB is a virtual database of the device status maintained by the managed devices Context When multiple OSPFv3 processes are enabled you can ...

Page 489: ...nts you can specify type name End 6 14 4 Checking the Configurations After the network management function is configured for OSPFv3 you can check the contents of the information channel and information recorded in the information center log buffer and trap buffer Prerequisites The Network Management Function of OSPFv3 has been configured Procedure l Run the display current configuration command to...

Page 490: ...tes and configuration roadmap Follow up Procedure NOTE This document takes interface numbers and link types of the NE40E X8 as an example In working situations the actual interface numbers and link types may be different from those used in this document 6 16 1 Example for Configuring OSPFv3 Areas This part provides an example for configuring basic OSPFv3 functions Detailed operations include enabl...

Page 491: ...uting table of Router D Data Preparation To complete the configuration you need the following data l Router ID of Router A as 1 1 1 1 of Area 1 l Router ID of Router B as 2 2 2 2 of Areas 0 and 1 l Router ID of Router C as 3 3 3 3 of Areas 0 and 2 l Router ID of Router D as 4 4 4 4 of Area 2 Procedure Step 1 Assign an IPv6 address for each interface For configuration details see Configuration File...

Page 492: ... ospfv3 1 router id 4 4 4 4 RouterD ospfv3 1 quit RouterD interface pos 2 0 0 RouterD Pos2 0 0 ospfv3 1 area 2 RouterD Pos2 0 0 quit Display the OSPFv3 neighbors of Router B RouterB display ospfv3 peer OSPFv3 Process 1 OSPFv3 Area 0 0 0 1 Neighbor ID Pri State Dead Time Interface Instance ID 1 1 1 1 1 Full 00 00 34 PosS2 0 0 0 OSPFv3 Area 0 0 0 0 Neighbor ID Pri State Dead Time Interface Instance ...

Page 493: ...ble of Router D and you can view a new default route in the routing table Its cost is the sum of the cost of the directly connected routes and the configured cost RouterD display ospfv3 routing Codes E2 Type 2 External E1 Type 1 External IA Inter Area N NSSA U Uninstalled D Denied by Import Policy OSPFv3 Process 1 OSPFv3 Process 1 Destination Metric Next hop IA 0 11 via FE80 1572 0 5EF4 1 Pos2 0 0...

Page 494: ...e RouterA ipv6 interface GigabitEthernet3 0 0 undo shutdown ipv6 enable ipv6 address 2001 DB8 4 1 64 ospfv3 1 area 0 0 0 1 interface Pos2 0 0 link protocol ppp undo shutdown ipv6 enable ipv6 address 2001 DB8 2 2 64 ospfv3 1 area 0 0 0 1 ospfv3 1 router id 1 1 1 1 return l Configuration file of Router B sysname RouterB ipv6 interface Pos1 0 0 link protocol ppp undo shutdown ipv6 enable ipv6 address...

Page 495: ...a 0 0 0 2 ospfv3 1 router id 4 4 4 4 area 0 0 0 2 stub return 6 16 2 Example for Configuring OSPFv3 DR Election This part provides an example for setting the DR priority on an interface for DR election on a broadcast network Networking Requirements In Figure 6 2 Router A has a DR priority of 100 which is the highest in the network so it is elected as the DR Router C has the second highest priority...

Page 496: ...s 2 2 2 2 DR priority as 0 l Router ID of Router C as 3 3 3 3 DR priority as 2 l Router ID of Router D as 4 4 4 4 DR priority as 1 Procedure Step 1 Assign an IPv6 address for each interface For configuration details see Configuration Files in this section Step 2 Configure basic OSPFv3 functions Configure Router A enable OSPFv3 and set its router ID to 1 1 1 1 RouterA ipv6 RouterA ospfv3 RouterA os...

Page 497: ... a DR the other broadcast interfaces of the router have the highest priority in DR election That is the DR router is elected as the DR RouterA display ospfv3 peer OSPFv3 Process 1 OSPFv3 Area 0 0 0 0 Neighbor ID Pri State Dead Time Interface Instance ID 2 2 2 2 1 2 Way DROther 00 00 32 GE1 0 0 0 3 3 3 3 1 Full Backup 00 00 36 GE1 0 0 0 4 4 4 4 1 Full DR 00 00 38 GE1 0 0 0 Display the neighbors of ...

Page 498: ...DR BDR Restart all routers or run the shutdown and undo shutdown commands on the interface that establishes the OSPFv3 neighbor relationship and make OSPFv3 re elect the DR BDR Step 5 Verify the configuration Display the neighbors of Router A and you can view that Router C is the BDR RouterA display ospfv3 peer OSPFv3 Process 1 OSPFv3 Area 0 0 0 0 Neighbor ID Pri State Dead Time Interface Instance...

Page 499: ...figuration file of Router C sysname RouterC ipv6 interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 DB8 3 64 ospfv3 1 area 0 0 0 0 ospfv3 dr priority 2 ospfv3 1 router id 3 3 3 3 return l Configuration file of Router D sysname RouterD ipv6 interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 DB8 4 64 ospfv3 1 area 0 0 0 0 ospfv3 1 router id 4 4 4 4 ret...

Page 500: ...ng diagram of configuring OSPFv3 virtual links RouterB POS1 0 0 2001 DB8 1 2 64 RouterC Area1 POS2 0 0 2001 DB8 1 1 64 POS1 0 0 2001 DB8 2 1 64 RouterA Area2 POS1 0 0 2001 DB8 2 2 64 POS2 0 0 2001 DB8 3 1 64 RouterD Area0 POS1 0 0 2001 DB8 3 2 64 Configuration Roadmap The configuration roadmap is as follows 1 Enable basic OSPFv3 functions on each router 2 Configure virtual links on Router B and Ro...

Page 501: ...uter C and set its Router ID to 3 3 3 3 RouterC ipv6 RouterC ospfv3 RouterC ospfv3 1 router id 3 3 3 3 RouterC ospfv3 1 quit RouterC interface Pos 1 0 0 RouterC Pos1 0 0 ospfv3 1 area 1 RouterC Pos1 0 0 quit RouterC interface Pos 2 0 0 RouterC Pos2 0 0 ospfv3 1 area 0 RouterC Pos2 0 0 quit Enable OSPFv3 on Router D and set its Router ID to 4 4 4 4 RouterD ipv6 RouterD ospfv3 RouterD ospfv3 1 route...

Page 502: ... 1 128 1 via FE80 4D67 0 EB7D 2 Pos1 0 0 2001 DB8 1 2 128 1 directly connected Pos1 0 0 IA 2001 DB8 2 64 2 via FE80 4D67 0 EB7D 2 Pos1 0 0 2001 DB8 3 64 1 directly connected Pos2 0 0 NOTE After a virtual link is configured Area 2 is connected to Area 0 through the virtual link So the route to Area 2 is contained in the routing table of Router C End Configuration Files l Configuration file of Route...

Page 503: ... ipv6 enable ipv6 address 2001 DB8 1 2 64 ospfv3 1 area 0 0 0 1 interface Pos2 0 0 link protocol ppp undo shutdown ipv6 enable ipv6 address 2001 DB8 3 1 64 ospfv3 1 area 0 0 0 0 ospfv3 1 router id 3 3 3 3 area 0 0 0 1 vlink peer 2 2 2 2 return l Configuration file of Router D sysname RouterD ipv6 interface Pos1 0 0 link protocol ppp undo shutdown ipv6 enable ipv6 address 2001 DB8 3 2 64 ospfv3 1 a...

Page 504: ...1 0 0 2001 DB8 2 2 64 POS1 0 0 2001 DB8 1 1 64 POS1 0 0 2001 DB8 1 2 64 RouterA RouterC Configuration Roadmap The configuration roadmap is as follows 1 Enable the OSPFv3 helper in the OSPFv3 view of Router B 2 Enable OSPFv3 GR in the OSPFv3 view of Router A Data Preparation To complete the configuration you need the following data l IPv6 address of each interface l OSPFv3 process number Procedure ...

Page 505: ...01 DB8 1 1 Flag U Label NULL Tunnel ID 0 TimeStamp Date 25 6 2007 Time 17 31 46 reference 1 Interface Pos1 0 0 From the preceding display you can find that the FIB on Router A changes and services are affected Restart OSPFv3 process 100 on Router A in GR mode RouterA reset ospfv3 100 graceful restart Run the display ipv6 fib 6 command on Router A to view the FIB and check whether GR works normally...

Page 506: ...0 0 link protocol ppp undo shutdown ipv6 enable ipv6 address 2001 DB8 1 2 64 ospfv3 100 area 0 0 0 0 interface Pos2 0 0 link protocol ppp undo shutdown ipv6 enable ipv6 address 2001 DB8 2 1 64 ospfv3 100 area 0 0 0 0 ospfv3 100 router id 2 2 2 2 helper role return l Configuration file of Router C ipv6 interface Pos2 0 0 link protocol ppp undo shutdown ipv6 enable ipv6 address 2001 DB8 2 2 64 ospfv...

Page 507: ...tted on the standby link Figure 6 5 Networking diagram for configuring BFD for OSPFv3 RouterC RouterB GE1 0 0 2001 DB8 1 3 64 RouterA GE1 0 0 2001 DB8 1 2 64 GE1 0 1 2001 DB8 3 1 64 GE1 0 1 2001 DB8 3 3 64 GE1 0 1 2001 DB8 2 1 64 GE1 0 0 2001 DB8 2 2 64 GE1 0 2 2001 DB8 4 1 64 Configuration Roadmap The configuration roadmap is as follows 1 Enable the basic OSPFv3 functions on each router 2 Configu...

Page 508: ...rB interface gigabitethernet 1 0 2 RouterB GigabitEthernet1 0 2 ipv6 enable RouterB GigabitEthernet1 0 2 ospfv3 1 area 0 0 0 0 Configure Router C RouterC ospfv3 1 RouterC ospfv3 1 router id 3 3 3 3 RouterC ospfv3 1 quit RouterC interface gigabitethernet 1 0 0 RouterC GigabitEthernet1 0 0 ipv6 enable RouterC GigabitEthernet1 0 0 ospfv3 1 area 0 0 0 0 RouterC GigabitEthernet1 0 0 quit RouterC interf...

Page 509: ... 64 1 directly connected GigabitEthernet1 0 1 2001 DB8 4 1 64 1 via FE80 E0 CE19 8142 1 GigabitEthernet1 0 0 As shown in the OSPFv3 routing table the next hop address of the route to 2001 DB8 4 1 64 is GigabitEthernet1 0 0 and traffic is transmitted on the active link Router A Router B Step 3 Configure OSPFv3 BFD Enable global BFD on Router A RouterA bfd RouterA bfd quit RouterA ospfv3 RouterA osp...

Page 510: ...lier 0 OSPFv3 Module preferred timer values Transmit Interval ms 1000 Receive Interval ms 1000 Detect Multiplier 3 Configured timer values Transmit Interval ms 1000 Receive Interval ms 1000 Detect Multiplier 3 Step 4 Verify the configuration Run the shutdown command on GE 1 0 0 of Router B to simulate the active link failure RouterB interface gigabitethernet1 0 0 RouterB GigabitEthernet1 0 0 shutd...

Page 511: ...ation file of Router B sysname RouterB ipv6 bfd ospfv3 1 router id 2 2 2 2 bfd all interfaces enable bfd all interfaces min transmit interval 100 min receive interval 100 detect multiplier 4 interface gigabitethernet1 0 0 ipv6 enable ipv6 address 2001 DB8 1 2 64 ospfv3 1 area 0 0 0 0 interface gigabitethernet1 0 1 ipv6 enable ipv6 address 2001 DB8 2 1 64 ospfv3 1 area 0 0 0 0 interface gigabitethe...

Page 512: ...onfigured IP packets along the route between RouterA and RouterB may be modified or faked causing neighbor relationships between RouterA and RouterB to be interrupted or incorrect routes to be imported To prevent such attacks IPSec can be configured between RouterA and RouterB to protect OSPFv3 packets during transmission ESP is configured as the security protocol and SHA 1 is configured as the au...

Page 513: ... 1 RouterA ospfv3 1 area 1 RouterA ospfv3 1 area 0 0 0 1 quit RouterA ospfv3 1 quit Configure RouterB HUAWEI system view HUAWEI sysname RouterB RouterB ospfv3 1 RouterB ospfv3 1 router id 2 2 2 2 RouterB ospfv3 1 area 1 RouterB ospfv3 1 area 0 0 0 1 quit RouterB ospfv3 1 quit Step 2 Configure IPv6 addresses and enable OSPFv3 on interfaces Configure RouterA RouterA interface gigabitethernet1 0 1 Ro...

Page 514: ...lation mode transport transform esp new ESP protocol authentication MD5 HMAC 96 not use encryption Step 4 Configure SAs and apply them to RouterA and RouterB Configure an SA and apply it to RouterA RouterA ipsec sa sa1 RouterA ipsec sa sa1 proposal proposal1 RouterA ipsec sa sa1 quit Configure an SA and apply it to RouterB RouterB ipsec sa sa2 RouterB ipsec sa sa2 proposal proposal2 RouterB ipsec ...

Page 515: ... outbound ESP setting ESP spi 12345 0x3039 ESP string key D0 GQf w2 X k6 E Z z ESP encryption hex key ESP authentication hex key Run the display ipsec statistics command to view statistics about incoming and outgoing packets processed by IPSec and detailed information about dropped packets If statistics about incoming and outgoing packets processed by IPSec are displayed the configuration succeeds...

Page 516: ...und esp 12345 sa string key inbound esp b br9 zi X Y Y Lw L v sa spi outbound esp 12345 sa string key outbound esp D0 GQf w2 X k6 E Z z ospfv3 1 router id 1 1 1 1 ipsec sa sa1 area 0 0 0 1 interface GigabitEthernet1 0 1 undo shutdown ipv6 enable ipv6 address 2001 DB8 100 1 64 ospfv3 1 area 0 0 0 1 l Configuration file of RouterB sysname RouterB ipsec proposal proposal2 encapsulation mode transport...

Page 517: ...et1 0 1 undo shutdown ipv6 enable ipv6 address 2001 DB8 100 2 64 ospfv3 1 area 0 0 0 1 HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 6 OSPFv3 Configuration Issue 02 2014 09 30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 492 ...

Page 518: ...improve the route searching efficiency and simplify route management on a large scale IS IS network configure IS IS route summarization to reduce the number of IS IS routes in a routing table 7 6 Configuring IPv4 IS IS to Interact with Other Routing Protocols If other routing protocols are configured on an IS IS network you need to configure IS IS to interact with these protocols to ensure success...

Page 519: ...guring the IPv6 IS IS Route Convergence Speed Accelerating IS IS route convergence can improve the fault location efficiency and improve the network reliability 7 17 Configuring Dynamic BFD for IPv6 IS IS If high speed data services are deployed on an IS IS network dynamic BFD for IPv6 IS IS can be configured to accelerate the fault detection speed 7 18 Configuring Multi Topology for IPv6 IS IS By...

Page 520: ...IS The configuration examples explain networking requirements configuration notes and configuration roadmap HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 7 IS IS Configuration Issue 02 2014 09 30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 495 ...

Page 521: ... IS IS is a link state protocol It uses the Shortest Path First SPF algorithm to calculate routes It resembles the Open Shortest Path First OSPF protocol IS IS Areas To support large scale networks the IS IS adopts a two level structure in a Routing Domain RD A large RD is divided into one or more areas The intra area routes are managed by the Level 1 routers whereas the inter area routes are mana...

Page 522: ... links l Broadcast links such as Ethernet and Token Ring l Point to point links such as PPP and HDLC NOTE For a Non Broadcast Multi Access NBMA network such as ATM you need to configure sub interfaces for it The type of subnets cannot be Point to Multipoint P2MP IS IS cannot run on P2MP networks 7 1 2 IS IS Features Supported by the NE80E 40E The NE80E 40E supports various Intermediate System to I...

Page 523: ... physical interface but a TE tunnel interface after the TE tunnel is enabled with IGP Shortcut Based on the unicast route to the multicast source address a router sends a Join message through a TE tunnel interface In this situation routers spanned by the TE tunnel cannot detect the Join message so they do not create any multicast forwarding entry A TE tunnel is unidirectional so multicast data pac...

Page 524: ...es the problem of inconsistency between IPv4 and IPv6 topology information l Separation between unicast and multicast topologies If an MPLS TE tunnel is deployed in a unicast topology the outbound interface of the route calculated by IS IS may not be a physical interface but a TE tunnel interface No multicast forwarding entry is created on the router that the TE tunnel traverses The router will di...

Page 525: ...rmation is carried in an LSP to be advertised by IS IS IS IS advertises multiple LSP fragments Each LSP fragment is identified by the LSP identifier field of an LSP The LSP identifier field is 1 byte long Therefore the maximum number of fragments that can be generated by an IS IS device is 256 The IS IS fragment extension feature allows an IS IS device to generate more LSP fragments To implement t...

Page 526: ... dynamic host name exchange mechanism also provides a service to associate a host name with the designated intermediate system DIS on a broadcast network Then LSPs of pseudo nodes advertise this association in the form of a dynamic host name TLV It is easier to identify and memorize the host name than the system ID After this function is configured the host name will display when display command i...

Page 527: ...ated using I SPF does not change PRC calculates only the changed leaf For example if an interface of a node is enabled with IS IS the SPT of the entire network remains unchanged In this case PRC updates the routes on only the interface of this node reducing the CPU usage PRC working with I SPF further improves the convergence performance of the network As an improvement of the original SPF algorit...

Page 528: ... detects only one hop links between IS IS neighbors This is because IS IS establishes only one hop neighbors l Static BFD To configure static BFD use command lines to configure single hop BFD parameters such as local and remote discriminators Then configure the device to send BFD session setup requests A static BFD session can only be established and released manually A configuration error will le...

Page 529: ...to forward packets over this link The three way handshake mechanism addresses the problem on the unreliable P2P link In three way handshake mode the router regards the neighbor as Up only after confirming that the neighbor receives the packet that it sends and then sets up an adjacency with the neighbor In addition a 32 bit circuit ID is used in the three way handshake mechanism which is an extens...

Page 530: ...ces and maintains two identical LSDBs consuming excessive system resources l Optional Configure IS IS host name mapping After IS IS host name mapping is configured a host name but not the system ID of a device will display by using display commands This configuration improves the maintainability on an IS IS network l Optional Enable the output of the IS IS adjacency status If the local terminal mo...

Page 531: ... area ID is used to uniquely identify an area in the same IS IS domain All routers in the same Level 1 area must share the same area ID while routers in the same Level 2 area can have different area IDs l The system ID must be unique in the whole area and backbone area l A maximum of three area IDs can be configured for an IS IS process Therefore a maximum of three NETs can be configured When conf...

Page 532: ...local IS IS device The value of symbolic name will not be added to LSP packets If dynamic host name mappings is configured on an IS IS network the mappings on the network overwrite the mappings configured on the local router l Optional Enable the output of the IS IS adjacency status 1 Run log peer change The output of the adjacency status is enabled l Optional Enable IS IS adjacency strict check 1...

Page 533: ...o neighbor relationship needs to be established between loopback interfaces If this command is run on a loopback interface the routes of the network segment where the loopback interface resides will be advertised through other IS IS interfaces l Optional Configure the level of an IS IS interface 1 Run isis circuit level level 1 level 1 2 level 2 The level of the interface is configured By default ...

Page 534: ...rity l Interface cost is configured for a specified interface l Global cost is configured for all interfaces l Automatically calculated cost is automatically calculated based on the interface bandwidth If none of the preceding configurations is performed the default cost of an IS IS interface is 10 and the default cost style is narrow Procedure l Configure the IS IS cost type 1 Run system view The...

Page 535: ...utes imported by the interface can all be learned The cost of the route is 1023 Subsequent routes forwarded by the interface are discarded If relax spf limit is specified the cost of a route works as follows There is no limit on costs of interfaces or route costs The cost of a route received by an interface is the actual cost If the cost style is wide compatible or wide the cost of the interface r...

Page 536: ... x 10 NOTE The auto cost enable command can be run on Eth Trunk interfaces as same with on physical interfaces If the command is run on an Eth Trunk interface the bandwidth of the Eth Trunk interface is equal to the total bandwidth of all its member interfaces If the cost style is narrow narrow compatible or compatible the cost of each interface is based on costs listed in Table 7 1 Table 7 1 Mapp...

Page 537: ...ou can configure the type of an interface on the local device to P2P so that an IS IS neighbor relationship can be established between the two devices IS IS on a P2P network is not required to select a DIS Therefore you do not need to configure DIS priorities To ensure the reliability of P2P links configure IS IS to use the three way handshake mode for IS IS neighbor relationship establishment so ...

Page 538: ...gs are restored for the interval for sending Hello packets the number of Hello packets that IS IS fails to receive from a neighbor before the neighbor is declared Down interval for retransmitting LSPs on a P2P link various IS IS authentication modes DIS priority and interval for sending CSNPs on a broadcast network l Set the negotiation mode in which P2P neighbor relationships can be set up 1 Run ...

Page 539: ... network segment where the interface resides is not advertised through LSPs l Configure the scale of the Hello packets sent on the IS IS interface 1 Run system view The system view is displayed 2 Run interface interface type interface number The interface view is displayed NOTE Step 3 and Step 4 are mutually exclusive Run the command as needed 3 Run isis small hello The Hello packets without the p...

Page 540: ...instance vpn instance name command to check information about IS IS interfaces Step 4 Run the display isis route process id vpn instance vpn instance name ipv4 verbose level 1 level 2 ip address mask mask length command to check information about IS IS routes Step 5 Run the display isis cost interface interface type interface number to display costs of an interface and how they are generated End E...

Page 541: ... 10 L2 10 DIS Hello Timer Value L1 3 L2 3 Hello Multiplier Value L1 3 L2 3 LSP Throttle Timer L12 50 Cost L1 30 L2 30 Ipv6 Cost L1 10 L2 10 Priority L1 20 L2 20 Retransmit Timer Value L12 5 Bandwidth Value Low 1000000000 High 0 Static Bfd NO Dynamic Bfd NO Dynamic IPv6 Bfd NO Fast Sense Rpr NO Suppress Base NO IPv6 Suppress Base NO Delay peer time Configured 100s Left Run the display isis route co...

Page 542: ...ting parameters of LSPs Pre configuration Tasks Before establishing or maintaining IS IS neighbor relationships or adjacencies complete the following tasks l Configuring IP addresses of interfaces to make neighboring nodes reachable l 7 2 Configuring Basic IPv4 IS IS Functions Data Preparation To establish or maintain IS IS neighbor relationships or adjacencies you need the following data No Data ...

Page 543: ...ayed 2 Run interface interface type interface number The interface view is displayed 3 Run isis timer holding multiplier number level 1 level 2 The invalid number of Hello packets is set If no level is specified both the Level 1 timer and Level 2 timer are configured NOTE level 1 and level 2 can be found only on the broadcast interface IS IS maintains neighbor relationships with neighbors through ...

Page 544: ...able transmission the local router retransmits the LSP according to the retransmit interval By default the interval for retransmitting the LSP packet on the P2P link is 5 seconds The LSPs sent on a broadcast link do not need any response l Configuring the Minimum Interval for Sending LSPs 1 Run system view The system view is displayed 2 Run interface interface type interface number The interface v...

Page 545: ...econds When performing configurations ensure that the LSP refresh interval is 300 seconds shorter than the maximum LSP Keepalive time In this way new LSPs can reach all routers in an area before existing LSPs expire NOTE It is recommended to adjust the difference between the LSP refresh period and the maximum Keepalive time of the LSP depending on the network scale l Configure the max lifetime of ...

Page 546: ...incr interval is not used and generating the same LSPs or LSP fragments for the first time init interval is used as the initial delay Then the delay for generating the same LSPs or LSP fragments is max interval After the delay reaches max interval for three times or the IS IS process is reset the interval is reduced to init interval When only max interval is used the intelligent timer changes into...

Page 547: ... mesh group does not flood the LSP received from an interface of the group to the other interfaces of the group but floods it to interfaces of other groups or interfaces that do not belong to any group When mesh blocked is configured on an interface the interface is blocked and cannot flood LSPs outside All the interfaces added to a mesh group implement global LSDB synchronization through CSNP and...

Page 548: ...ted lsp history level 1 level 2 level 1 2 process id vpn instance vpn instance name display isis statistics packet interface interface type interface number display isis process id statistics level 1 level 2 level 1 2 packet End Example On GE 1 0 0 set the interval for sending Hello packets to 15 the invalid number of Hello packets to 10 the interval for sending Level 1 CSNPs to 123 and the minimu...

Page 549: ...ring the IPv4 IS IS Interfaces NOTE Changing the IS IS cost for an interface can achieve the function of controlling route selection but requires routes on the interface to be recalculated and reconverged when a network topology changes especially on a large scale network In addition the configuration result may not meet your expectation Therefore the configuration of changing IS IS costs has best...

Page 550: ...are unaware of the entire network topology because they only maintain LSDBs in the local Level 1 area Therefore a device in a Level 1 area can forward traffic to a Level 2 device only through the nearest Level 1 2 device The route used may not be the optimal route to the destination To enable a device in a Level 1 area to select the optimal route configure IPv4 IS IS route leaking so that specifie...

Page 551: ...he route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter o...

Page 552: ...to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure another rule with a la...

Page 553: ...he route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter o...

Page 554: ...larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure another rule with a larger number in the same ACL and specify the action deny in this rule ...

Page 555: ... id The IS IS view is displayed 3 Run maximum load balancing number The maximum number of load balancing equal cost IS IS routes is set NOTE When the number of equal cost routes is greater than number specified in the maximum load balancing command valid routes are selected for load balancing based on the following criteria 1 Route preference Routes with lower preferences are selected for load bal...

Page 556: ...e added to the IP routing table and cannot be selected to forward IP packets Procedure Step 1 Run system view The system view is displayed Step 2 Run isis process id The IS IS view is displayed Step 3 Run any of the following commands as required l Based on the basic ACL 1 Run filter policy acl number acl name acl name import conditions for filtering IS IS routes are configured 2 Run quit return t...

Page 557: ...uit return to the system view 3 Run acl name acl name advance number acl number2 match order auto config the basic ACL view is displayed 4 Run rule rule id deny permit protocol source source ip address source wildcard any time range time name a rule is configured for the basic ACL When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permi...

Page 558: ...y than BGP routes To prevent blackhole routes on a network where both IS IS and BGP are configured set an overload bit to instruct an IS to enter the overload state during its start or restart After BGP convergence is complete cancel the overload bit Procedure Step 1 Run system view The system view is displayed Step 2 Run isis process id The IS IS view is displayed Step 3 Run set overload on start...

Page 559: ... Level 1 2 router Based on the network requirements you can configure whether the Level 1 2 router sets the ATT bit carried in the LSP and whether a Level 1 router generates a default route after it receives the LSP carrying ATT bit 1 NOTE This mode applies only to Level 1 routers Procedure l Configure command triggered default route generation mode 1 Run system view The system view is displayed 2...

Page 560: ... transmission a high BER will degrade or even interrupt services in extreme cases To prevent this problem configure IS IS interfaces to automatically adjust link costs based on link quality so that unreliable links are not used by the optimal routes Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Ste...

Page 561: ...e display isis lsdb level 1 level 2 verbose local lsp id is name symbolic name process id vpn instance vpn instance name command to check information in the IS IS LSDB End Example On a Level 1 device run the display isis route command to check IS IS routing information If the Level 1 2 device is enabled to leak IS IS routes in the Level 2 area to Level 1 areas the output of the display isis route ...

Page 562: ... Self LSP Self LSP Extended ATT Attached P Partition OL Overload Level 2 Link State Database LSPID Seq Num Checksum Holdtime Length ATT P OL 2222 2222 2222 00 00 0x00000008 0x1d57 1017 84 0 0 0 SOURCE 2222 2222 2222 00 NLPID IPV4 AREA ADDR 10 INTF ADDR 10 1 1 2 INTF ADDR 20 1 1 1 NBR ID 3333 3333 3333 00 COST 10 IP Internal 10 1 1 0 255 255 255 0 COST 10 IP Internal 20 1 1 0 255 255 255 0 COST 10 ...

Page 563: ...24 10 NULL Pos1 0 0 Direct D L 172 16 1 0 24 10 NULL GE3 0 0 Direct D L 172 17 1 0 24 30 NULL Pos1 0 0 10 1 1 2 A L Pos2 0 0 10 1 2 2 10 1 2 0 24 10 NULL Pos2 0 0 Direct D L 192 168 0 0 24 20 NULL Pos1 0 0 10 1 1 2 A L Flags D Direct A Added to URT L Advertised in LSPs S IGP Shortcut U Up Down Bit Set 7 5 Configuring IPv4 IS IS Route Summarization To improve the route searching efficiency and simp...

Page 564: ...s route command to check summary routes in the IS IS routing table l Run the display ip routing table verbose command to check summary routes in the IP routing table 7 6 Configuring IPv4 IS IS to Interact with Other Routing Protocols If other routing protocols are configured on an IS IS network you need to configure IS IS to interact with these protocols to ensure successful communication between ...

Page 565: ... IS to import external routes This mode enables all devices in IS IS areas to learn external routes implementing refined control over traffic forwarding To ensure successful forwarding of traffic destined for IS IS areas you must also enable the other routing protocols to interact with IS IS Pre configuration Tasks Before configuring IPv4 IS IS to interact with other routing protocols complete the...

Page 566: ...preference preference The IS IS preference value is configured NOTE A smaller preference value indicates a higher preference The default IS IS preference value is 15 l Configure preference values for specified IS IS routes 1 Run system view The system view is displayed 2 Run isis process id The IS IS view is displayed 3 Run preference preference route policy route policy name The preference values...

Page 567: ... 1 level 2 level 1 2 command to import the external routes If you want to keep the original cost for the imported route you can run the import route ospf rip isis process id bgp permit ibgp direct inherit cost tag tag route policy route policy name level 1 level 2 level 1 2 command to import the external routes When configuring IS IS to retain the original cost value of the imported route the sour...

Page 568: ... does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the...

Page 569: ...pecify the action deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system T...

Page 570: ...7 0xd63a 1165 95 0 0 0 SOURCE 2222 2222 2222 00 NLPID IPV4 AREA ADDR 10 INTF ADDR 10 1 1 2 INTF ADDR 20 1 1 1 NBR ID 2222 2222 2222 01 COST 10 NBR ID 3333 3333 3333 00 COST 10 IP Internal 10 1 1 0 255 255 255 0 COST 10 IP Internal 20 1 1 0 255 255 255 0 COST 10 2222 2222 2222 00 01 0x00000001 0xc25d 1189 41 0 0 0 SOURCE 2222 2222 2222 00 IP Internal 0 0 0 0 0 0 0 0 COST 0 2222 2222 2222 01 00 0x00...

Page 571: ... isis route command to view the IS IS routing table The command output shows that the direct route 192 168 1 0 24 and OSPF route 14 1 1 1 32 have been imported into the Level 2 IS IS routing table HUAWEI display isis route Route information for ISIS 1 ISIS 1 Level 2 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 10 1 1 0 24 20 NULL Pos1 0 2 20 1 1 1 A 20 1 1 0 24 10 ...

Page 572: ...oring relationships by exchanging Hello packets between two devices l LSP flooding implements LSDB synchronization between devices in the same area l SPF calculation uses the SPF algorithm to calculate IS IS routes and delivers the IS IS routes to the routing table To accelerate the IS IS route convergence speed configure the following parameters l Interval for detecting IS IS neighboring device f...

Page 573: ...oring device within the specified period called the holding time A failure in an IS IS neighboring device will trigger LSP flooding and SPF calculation after which IS IS routes are reconverged To speed up fault detection use the following methods to accelerate the speed of detecting IS IS neighboring device failures l Shorten the interval at which Hello packets are sent l Shorten the holding time ...

Page 574: ...ype of Hello packets Therefore there is no need to specify the level 1 or level 2 parameter if a P2P link is used End 7 7 3 Setting Flooding Parameters of SNPs and LSPs To speed up LSDB synchronization between devices set flooding parameters of SNPs and LSPs to proper values Context SNPs consist of CSNPs and PSNPs CSNPs carry summaries of all LSPs in LSDBs ensuring LSDB synchronization between nei...

Page 575: ...gure the intelligent timer controlling LSP generation 1 Run system view The system view is displayed 2 Run isis process id The IS IS view is displayed 3 Run timer lsp generation max interval init interval incr interval level 1 level 2 The intelligent timer controlling LSP generation is configured If a level is not specified both level 1 and level 2 are used by default The delay in generating an LS...

Page 576: ... max size The maximum length is set for each LSP to be generated 4 Run lsp length receive max size The maximum length is set for each LSP to be received NOTE Ensure that the value of max size for LSPs to be generated must be smaller than or equal to the value of max size for LSPs to be received The value of max size in the lsp length command must meet the following conditions The MTU of an Etherne...

Page 577: ...is received by other routers the lifetime of the LSP is reduced gradually If the router does not receive any more update LSPs and the lifetime of the LSP is reduced to 0 the LSP will be deleted from the LSDB 60s later if no more updated LSPs are received l Set the minimum interval at which LSPs are sent 1 Run system view The system view is displayed 2 Run interface interface type interface number ...

Page 578: ...erface interface type interface number The interface view is displayed 3 Optional Run isis circuit type p2p Emulate a broadcast interface to the P2P interface 4 Run isis timer lsp retransmit retransmit interval The interval at which LSPs are retransmitted over a P2P link is set End 7 7 4 Setting the SPF Calculation Interval To improve the fault location efficiency on an IS IS network and prevent S...

Page 579: ... remains at the value specified by max interval for three times or the IS IS process is restarted the delay decreases to the value specified by init interval l When only max interval is specified the intelligent timer functions as an ordinary one time triggering timer Step 4 Optional Run spf slice size duration time The maximum duration for SPF calculation is configured End 7 7 5 Configuring Conve...

Page 580: ...refix priority command is only applicable to the public network After the prefix priority command is run the convergence priority of 32 bit host routes is low and the convergence priorities of the other routes are determined as specified in the prefix priority command Step 4 Optional Run quit The system view is displayed Step 5 Optional Run ip route prefix priority scheduler critical weight high w...

Page 581: ... Multiplier Value L1 10 L2 10 LSP Throttle Timer L12 159 Cost L1 10 L2 10 Ipv6 Cost L1 10 L2 10 Priority L1 64 L2 64 Retransmit Timer Value L12 5 Bandwidth Value Low 100000000 High 0 Static Bfd NO Dynamic Bfd NO Fast Sense Rpr NO Run the display isis route verbose command The command output shows that the convergence priority of the route 10 10 10 0 24 imported by IS IS is Critical HUAWEI display ...

Page 582: ...n error will lead to a BFD failure For example if a local or remote discriminator is incorrectly configured a BFD session will not work properly Pre configuration Tasks Before configuring static BFD for IPv4 IS IS complete the following tasks l Configuring Basic IPv4 IS IS Functions Configuration Roadmap The configuration roadmap is as follows No Data 1 Type and number of the interface to be enabl...

Page 583: ...fied after being configured NOTE The local discriminator set using the local discr value command on a device must be the same as the remote discriminator set using the remote discr value command on the device of the other end 3 Run commit Configurations are committed 4 Run quit The system view is displayed l Enable static BFD on an interface 1 Run interface interface type interface number The view...

Page 584: ...hich no response Hello packet is received from the neighbor IS IS takes more than one second to detect that a neighbor becomes Down resulting in loss of a large amount of high speed data To solve this problem BFD must be configured for IS IS BFD provides millisecond level fault detection After detecting a link or node failure BFD will notify IS IS of the failure accelerating the IS IS route conver...

Page 585: ...stem view is displayed 2 Run bfd BFD is enabled globally 3 Run quit The system view is displayed 4 Run isis process id The IS IS view is displayed 5 Run bfd all interfaces enable BFD for IS IS is enabled After BFD is enabled globally and the neighbor status becomes Up IS IS adopts default BFD parameters to establish BFD sessions on all interfaces 6 Optional Run bfd all interfaces min rx interval r...

Page 586: ...g Run this command when BFD session parameters need to be configured for a specified interface NOTE The priority of BFD configured on an interface is higher than that of BFD configured for a process If BFD session parameters are configured for both a process and an interface the parameters on the interface will be used to establish a dynamic BFD session End Checking the Configurations After BFD is...

Page 587: ...o end services for example voice services and data services share the same physical links As a result some links may be heavily congested whereas some other links are relatively idle Different types of services have different QoS requirements which cannot be met in the traditional unicast topology Multi topology for IS IS enables the operation of multiple independent logical topologies in an IS IS...

Page 588: ...opology instances Procedure Step 1 Run system view The system view is displayed Step 2 Run isis process id The IS IS view is displayed Step 3 Run cost style narrow wide wide compatible The cost style for the packets received and sent by the router is set to wide or wide compatible Step 4 Run topology topology name topology id multicast topology id The specified IS IS process is associated with the...

Page 589: ...ue l set overload on startup timeout1 start from nbr system id timeout1 timeout2 wait for bgp timeout1 send sa bit timeout3 allow interlevel external l spf priority priority value l summary ip address mask avoid feedback generate_null0_route tag tag level 1 level 1 2 level 2 End 7 10 3 Enabling Multi Topology for IPv4 IS IS Interfaces After enabling multi topology for IS IS you need to associate a...

Page 590: ...he interface in the topology instance is configured Step 7 Optional Run undo isis lfa backup topology topology name level 1 level 2 level 1 2 The interface is disabled from being a backup interface Step 8 Optional Run isis topology topology name tag value tag level 1 level 2 An administrative tag is set for the interface in the specified topology instance End 7 10 4 Checking the Configurations Aft...

Page 591: ...rt Capable YES Suppressed Adj NO Peer System Id 0000 0000 0003 Total Peer s 2 Run the display isis route topology Red command The command output shows the information about routes of the IS IS topology instance named Red HUAWEI display isis route topology Red Route information for ISIS 1 topology Red ISIS 1 Level 2 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 10 1 ...

Page 592: ... Start Before configuring IS IS Auto FRR familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment At present the VoIP and on line video services require high quality real time transmission Nevertheless if an IS IS fault occurs multiple processes incl...

Page 593: ...orwarded traffic Procedure Step 1 Run system view The system view is displayed Step 2 Run isis process id The IS IS process is enabled and the IS IS view is displayed Step 3 Run frr The IS IS FRR view is displayed Step 4 Optional Run frr policy route route policy route policy name Backup routes are filtered using a filtering policy Only backup routes that have passed the filtering policy are added...

Page 594: ... that can function as backup outbound interfaces Context Perform the following steps on the IS IS interface to be disabled from participating in the Loop Free Alternate LFA calculation Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Step 3 Run undo isis lfa backup level 1 level 2 level 1 2 The interf...

Page 595: ...ount 1 Flags A L Priority Low NextHop Interface ExitIndex 1 0 0 2 GE1 0 0 0x00000003 B 2 0 0 2 GE2 0 0 0x00000004 Flags D Direct A Added to URT L Advertised in LSPs S IGP Shortcut U Up Down Bit Set C In Computing ISIS 1 Level 2 Forwarding Table IPV4 Dest 100 1 1 0 24 Int Cost 30 Ext Cost NULL Admin Tag Src Count 3 Flags Priority Low Flags D Direct A Added to URT L Advertised in LSPs S IGP Shortcut...

Page 596: ... configuring basic IPv6 IS IS functions including the procedures for configuring IS IS processes and interfaces to implement communication between nodes on an IPv6 IS IS network 7 12 1 Before You Start Before configuring basic IPv6 IS IS functions familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the required data Applicable Environment To deploy IS IS on...

Page 597: ...1 and Level 2 devices and maintains two identical LSDBs consuming excessive system resources l Optional Configure IS IS host name mapping After IS IS host name mapping is configured a host name but not the system ID of a device will display by using display commands This configuration improves the maintainability on an IS IS network l Optional Enable the output of the IS IS adjacency status If the...

Page 598: ...e following way extend each part of the IP address to 3 bits add 0 to the front of any part that is shorter than 3 bits divide the extended address into three parts with each part consisting of four decimal digits and the reconstructed address is the system ID Area addresses of NETs are checked when Level 1 IS IS neighbor relationships are being established but not checked when Level 2 IS IS neigh...

Page 599: ...12 3 Configuring IPv6 IS IS Interfaces To configure an interface on an IS IS device to send Hello packets or flood LSPs IS IS must be enabled on this interface Context The level of an IS IS device and level of an interface together determine the level of a neighbor relationship By default Level 1 and Level 2 neighbor relationships will be established between two Level 1 2 devices If only one level...

Page 600: ...interface is configured By default the level of an interface is level 1 2 NOTE Changing the level of an IS IS interface is valid only when the level of the IS IS device is Level 1 2 If the level of the IS IS device is not a Level 1 2 the level of the IS IS device determines the level of the adjacency to be established l Optional Suppress an IS IS interface 1 Run isis silent advertise zero cost The...

Page 601: ...ified the cost of a route works as follows If the cost of a route is not greater than 1023 and the cost of every interface that the route passes through is smaller than or equal to 63 the cost of the route received by the interface is the actual cost If the cost of a route is not greater than 1023 but the costs of all interfaces that the route passes through are greater than 63 the IS IS device ca...

Page 602: ...d You can use the isis ipv6 cost command to configure the cost of a specified interface l Configure the global IS IS cost 1 Run system view The system view is displayed 2 Run isis process id The IS IS view is displayed 3 Run ipv6 circuit cost cost maximum level 1 level 2 The global IS IS cost is configured You can use the ipv6 circuit cost command to configure the costs of all interfaces at a time...

Page 603: ...andwidth Range 60 Interface bandwidth 10 Mbit s 50 10 Mbit s interface bandwidth 100 Mbit s 40 100 Mbit s interface bandwidth 155 Mbit s 30 155 Mbit s interface bandwidth 622 Mbit s 20 622 Mbit s Interface bandwidth 2 5 Gbit s 10 Interface bandwidth 2 5 Gbit s NOTE To change the cost of a loopback interface run the isis ipv6 cost command only in the loopback interface view End 7 12 5 Optional Conf...

Page 604: ...played 2 Run interface interface type interface number The interface view is displayed 3 Run isis dis priority priority level 1 level 2 The DIS priority is configured on the interface The greater the value the higher the priority l Configure the network type of an IS IS interface 1 Run system view The system view is displayed 2 Run interface interface type interface number The interface view is di...

Page 605: ...egotiation command can only be used for the establishment of the neighbor relationships on P2P links In the case of a broadcast link you can run the isis circuit type p2p command to set the link type to P2P and then run the isis ppp negotiation command to set the negotiation mode for the establishment of the neighbor relationship l Configure OSICP negotiation check on PPP interfaces 1 Run system v...

Page 606: ...table process id vpn instance vpn instance name command to check the mapping from the name of the local device to the system ID Step 2 Run the display isis peer verbose process id vpn instance vpn instance name command to check information about IS IS neighbors Step 3 Run the display isis interface verbose traffic eng tunnel process id vpn instance vpn instance name command to check information ab...

Page 607: ...0 0 Interface SNPA Address 00e0 870b 8100 IP Address IPV6 Link Local Address FE80 2E0 87FF FE0B 8100 IPV6 Global Address es 10 1 1 64 Csnp Timer Value L1 10 L2 10 Hello Timer Value L1 10 L2 10 DIS Hello Timer Value L1 3 L2 3 Hello Multiplier Value L1 3 L2 3 LSP Throttle Timer L12 50 Cost L1 10 L2 10 Ipv6 Cost L1 30 L2 30 Priority L1 20 L2 20 Retransmit Timer Value L12 5 Bandwidth Value Low 1000000...

Page 608: ... Configuring the IPv6 IS IS Interfaces NOTE Changing the IS IS cost for an interface can achieve the function of controlling route selection but requires routes on the interface to be recalculated and reconverged when a network topology changes especially on a large scale network In addition the configuration result may not meet your expectation Therefore the configuration of changing IS IS costs ...

Page 609: ...fic to a Level 2 device only through the nearest Level 1 2 device The route used may not be the optimal route to the destination To enable a device in a Level 1 area to select the optimal route configure IPv6 IS IS route leaking so that specified routes in the Level 2 area can be leaked into the local Level 1 area Routes of services deployed only in the local Level 1 area do not need to be leaked ...

Page 610: ...tes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number ...

Page 611: ...mber Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configur...

Page 612: ...match order auto config The basic ACL view is displayed d Run rule rule id deny permit fragment source source ipv6 address prefix length source ipv6 address prefix length any time range time name vpn instance vpn instance name A rule is configured for the basic ACL When the rule command is run to configure rules for a named ACL only the source address range specified by source and the time period ...

Page 613: ...w is displayed b Run rule rule id deny permit protocol source source ipv6 address prefix length source ipv6 address prefix length any time range time name A rule is configured for the advanced ACL When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or advertised by the system If the a...

Page 614: ...n external area By default all routes in a Level 1 area are leaked into the Level 2 area After this command is run only routes that meet the specified conditions can be leaked into the Level 2 area End 7 13 3 Configuring Principles for Using Equal Cost IPv6 IS IS Routes If multiple equal cost IS IS routes are available on a network configure the equal cost IS IS routes to work in load balancing mo...

Page 615: ...n an IP routing table can be used to forward IP packets An IS IS route can take effect only after this IS IS route has been successfully added to an IP routing table If an IS IS route does not need to be added to a routing table specify conditions such as a basic ACL IPv6 prefix and routing policy to filter routes so that only IS IS routes that meet the specified conditions can add to an IP routin...

Page 616: ...ching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to f...

Page 617: ...le with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes l ipv6 filter policy ipv6 prefix ipv6 prefix name import Conditions for filtering IS IS routes are configured based on the prefix li...

Page 618: ...ult routes using either of the following mode l Command triggered default route generation mode You can run the default route advertise command on a device so that the device adds a default route to the LSP before sending the LSP to a neighbor Therefore the neighbor can learn this default route l ATT bit 1 triggered default route generation mode IS IS defines that a Level 1 2 router sets the ATT b...

Page 619: ...eceiving the LSPs carrying the ATT bit 0 the Level 1 router does not generate a default route which reduces the size of a routing table To disable the Level 1 router from generating default routes even though it receives the LSPs carrying ATT bit 1 run the attached bit avoid learning command End 7 13 7 Checking the Configurations After configuring IPv6 IS IS route selection run the following comma...

Page 620: ...t Set On the Level 1 2 device run the display isis lsdb verbose command to check whether the Level 1 2 device has leaked the route 44 4 64 to Level 1 areas HUAWEI display isis lsdb verbose Database information for ISIS 1 Level 1 Link State Database LSPID Seq Num Checksum Holdtime Length ATT P OL 1111 1111 1111 00 00 0x00000004 0x7fd7 875 87 0 0 0 SOURCE 1111 1111 1111 00 NLPID IPV4 NLPID IPV6 AREA...

Page 621: ...d ATT Attached P Partition OL Overload Run the display isis route command to check IS IS routing information If equal cost IS IS routes are configured to work in load balancing mode multiple next hops will be displayed in the command output For example two next hops FE80 2E0 51FF FE52 8100 and FE80 2E0 FFFF FE50 8200 to the 44 4 64 network segment are displayed and their route costs are both 20 HU...

Page 622: ...isis process id The IS IS view is displayed Step 3 Run ipv6 summary ipv6 address prefix length avoid feedback generate_null0_route tag tag level 1 level 1 2 level 2 The specified IS IS routes are summarized into one IS IS route NOTE After route summarization is configured on an IS the local routing table still contains all specific routes before the summarization The routing tables on other ISs co...

Page 623: ...outing protocols are configured on an IS IS network you need to configure IS IS to interact with those routing protocols so that IS IS areas can communicate with non IS IS areas NOTE The LSDBs of different IS IS processes on a device are independent of each other Therefore each IS IS process on the device considers routes of the other IS IS processes as external routes To ensure successful traffic...

Page 624: ...l with the highest preference is selected For example if both OSPFv3 and IS IS are configured on a network the route discovered by OSPFv3 is used because OSPFv3 has a higher preference than IS IS by default To prefer a route discovered by IS IS configure a higher preference value for IS IS In addition a routing policy can be configured to increase the preferences of specified IS IS routes without ...

Page 625: ... 1 2 device because no external route can be learned on the devices in the IS IS routing domains If multiple Level 1 2 devices are deployed optimal routes to other routing domains need to be selected To ensure optimal routes are selected all the other devices in the IS IS routing domains must learn all or some external routes Routing policies can be configured to import or advertise external route...

Page 626: ...set the maximum number of external routes that can be imported into an IS IS routing domain l Optional Configure IS IS to advertise some external routes to an IS IS routing domain 1 Run system view The system view is displayed 2 Run isis process id The IS IS view is displayed 3 Run ipv6 filter policy acl6 number acl6 name acl6 name export protocol process id IS IS is configured to advertise specif...

Page 627: ...le to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure another rule with a...

Page 628: ...v6 prefix ipv6 prefix name export protocol process id IS IS is configured to advertise specified external routes to the IS IS routing domain based on the prefix list ipv6 filter policy route policy route policy name export protocol process id IS IS is configured to advertise specified external routes to the IS IS routing domain based on the route policy NOTE After this command is run only external...

Page 629: ...IPV6 0 COST 0 2222 2222 2222 01 00 0x00000002 0xe1ea 1138 55 0 0 0 SOURCE 2222 2222 2222 01 NLPID IPV6 NBR ID 2222 2222 2222 00 COST 0 NBR ID 1111 1111 1111 00 COST 0 3333 3333 3333 00 00 0x00000004 0xac80 231 68 0 0 0 SOURCE 3333 3333 3333 00 NLPID IPV4 AREA ADDR 10 INTF ADDR 20 1 1 2 NBR ID 2222 2222 2222 00 COST 10 IP Internal 20 1 1 0 255 255 255 0 COST 10 Total LSP s 5 In TLV Leaking Route By...

Page 630: ... FC15 3 20 A Flags D Direct A Added to URT L Advertised in LSPs S IGP Shortcut U Up Down Bit Set ISIS 1 Level 2 Redistribute Table Type IPV6 Destination IntCost Tag O 44 4 64 20 Type D Direct I ISIS S Static O OSPF B BGP R RIP Run the display ipv6 routing table command to view the IP routing table The command output shows that the value of Preference of IPv6 IS IS has been changed from its default...

Page 631: ...ol Direct RelayNextHop TunnelID 0x0 Interface InLoopBack0 Flags D Destination 44 4 PrefixLength 64 NextHop FE80 7D7E 0 22D7 1 Preference 20 Cost 10 Protocol ISIS L2 RelayNextHop TunnelID 0x0 Interface Pos1 0 0 Flags D Destination FE80 PrefixLength 10 NextHop Preference 0 Cost 0 Protocol Direct RelayNextHop TunnelID 0x0 Interface NULL0 Flags D 7 16 Configuring the IPv6 IS IS Route Convergence Speed...

Page 632: ...ink layer protocol on interfaces l Configuring IP addresses for interfaces to ensure that neighboring nodes are reachable at the network layer l Configuring Basic IPv6 IS IS Functions Data Preparation To configure the IPv6 IS IS route convergence speed you need the following data No Data 1 Interval at which Hello packets are sent and the holding time of neighboring devices 2 Flooding time of CSNPs...

Page 633: ...e type interface number The interface view is displayed 3 Run isis timer hello hello interval level 1 level 2 The interval at which Hello packets are sent is set NOTE A broadcast link can transmit both Level 1 and Level 2 Hello packets You can set different sending intervals for these two types of Hello packets By default both Level 1 and Level 2 Hello packets are sent A P2P link can transmit only...

Page 634: ...or missing LSPs To speed up LSDB synchronization modify the following parameters of SNPs and LSPs on the NE80E 40E l Set an interval at which CSNPs are sent l Configure the intelligent timer controlling LSP generation l Set the maximum length for LSPs l Set the refresh interval for LSPs l Set the maximum lifetime for LSPs l Set the minimum interval at which LSPs are sent l Enable LSP fast flooding...

Page 635: ...irst time is determined by init interval From the second time on the delay in generating an LSP is determined by max interval After the delay remains at the value specified by max interval for three times or the IS IS process is restarted the delay decreases to the value specified by init interval When only max interval is specified the intelligent timer functions as an ordinary one time triggerin...

Page 636: ...ting LSPs expire NOTE The larger a network the greater the deviation between the LSP refresh interval and the maximum LSP lifetime l Set the maximum lifetime for LSPs 1 Run system view The system view is displayed 2 Run isis process id The IS IS view is displayed 3 Run timer lsp max age age time The maximum lifetime is set for LSPs When a router generates the system LSP it fills in the maximum lif...

Page 637: ...ber of LSPs to be sent is greater than the value of lsp count lsp count takes effect If the number of LSPs to be sent is smaller than the value of lsp count LSPs of the actual number are sent If a timer is configured and the configured timer does not expire before the route calculation the LSPs are flooded immediately when being received otherwise the LSPs are sent when the timer expires When LSP ...

Page 638: ...is determined by incr interval From the third time on the delay in SPF calculation increases twice every time until the delay reaches the value specified by max interval After the delay remains at the value specified by max interval for three times or the IS IS process is restarted the delay decreases to the value specified by init interval l If incr interval is not specified the delay in SPF calc...

Page 639: ... command l If an IS IS route conforms to the matching rules of multiple convergence priorities the highest convergence priority is used l The convergence priority of a Level 1 IS IS route is higher than that of a Level 2 IS IS route l If the route level is not specified the configuration of the prefix priority command takes effect for both Level 1 and Level 2 IS IS routes NOTE The ipv6 prefix prio...

Page 640: ...val for LSPs is 159 ms HUAWEI display isis interface verbose Interface information for ISIS 1 Interface Id IPV4 State IPV6 State MTU Type DIS GE1 0 1 001 Down Up 1497 L1 L2 No Yes Circuit MT State Standard Description GigabitEthernet1 0 0 Interface SNPA Address 00e0 ff50 8200 IP Address IPV6 Link Local Address FE80 2E0 FFFF FE50 8200 IPV6 Global Address es 13 1 2 64 Csnp Timer Value L1 123 L2 10 H...

Page 641: ...but not static BFD for IPv6 IS IS Without BFD connection status between an IS IS device and its neighbors can be monitored only by exchanging Hello packets at intervals The minimum allowable sending interval is 3s and a neighbor is declared Down after at least three intervals during which no response Hello packet is received from the neighbor IS IS takes more than one second to detect that a neigh...

Page 642: ...faces l Enable dynamic BFD for specified IPv6 interfaces This method is recommended if you need to enable dynamic BFD for IPv6 IS IS on a small number of IS IS interfaces Procedure l Enable dynamic BFD for an IS IS IPv6 process 1 Run system view The system view is displayed 2 Run bfd BFD is enabled globally 3 Run quit The system view is displayed 4 Run isis process id The IS IS view is displayed 5...

Page 643: ... interface number The view of the specified interface is displayed 5 Run isis ipv6 bfd enable BFD is enabled on the interface 6 Optional Run isis ipv6 bfd min rx interval receive interval min tx interval transmit interval detect multiplier multiplier value frr binding Run this command when BFD session parameters need to be configured for a specified interface End Checking the Configurations After ...

Page 644: ... for IPv6 IS IS familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the data required for the configuration Applicable Environment In traditional IPv6 networks there is only one unicast topology and one unicast forwarding table on each device In this case service flows with the same destination IP address share the same PHB This means that various end to en...

Page 645: ...osts and protocol priorities for IS IS topology instances The parameters configured in the IS IS topology view are valid only for the specified IS IS topology instance This allows you to configure different parameters for different IS IS topology instances Procedure Step 1 Run system view The system view is displayed Step 2 Run isis process id The IS IS view is displayed Step 3 Run cost style narr...

Page 646: ... acl6 name acl6 name ipv6 prefix ipv6 prefix name route policy route policy name l maximum load balancing number l preference preference route policy route policy name l set overload on startup timeout1 start from nbr system id timeout1 timeout2 wait for bgp timeout1 send sa bit timeout3 allow interlevel external l spf priority priority value l summary ipv6 address mask avoid feedback generate_nul...

Page 647: ...rom advertising direct routes of the interface in the specified topology instance Step 6 Optional Run isis ipv6 topology topology name cost cost maximum level 1 level 2 The cost of the interface in the topology instance is configured Step 7 Optional Run undo isis ipv6 lfa backup topology topology name level 1 level 2 level 1 2 The interface is disabled from being a backup interface Step 8 Optional...

Page 648: ... MT IDs 0 10 Area Address es 10 Peer IPv6 Address es FE80 2E0 6CFF FE57 8300 Uptime 00 00 29 Adj Protocol IPV6 Restart Capable YES Suppressed Adj NO Peer System Id 0000 0000 0003 Total Peer s 2 Run the display isis route ipv6 topology Red command The command output shows the information about routes of the IS IS topology instance named Red HUAWEI display isis route ipv6 topology Red Route informat...

Page 649: ...tion time is within 50 ms and improves the reliability of IS IS networks 7 19 1 Before You Start Before configuring IPv6 IS IS Auto FRR familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the data required for the configuration Applicable Environment As the network keeps developing services such as Voice over IP VoIP and on line video services require high ...

Page 650: ... c o s t 3 0 IS IS cost 10 IS IS cost 10 I S I S c o s t 1 0 Pre configuration Tasks Before configuring IPv6 IS IS Auto FRR complete the following tasks l Configuring IP addresses for interfaces to ensure that neighboring nodes are reachable at the network layer l Configuring IPv6 IS IS l Setting costs for links to ensure that the primary link is the optimal path and the backup link is the sub opt...

Page 651: ...kup routes For details of IS IS Auto FRR see the HUAWEI NetEngine80E 40E Router Feature Description IP Routing NOTE IS IS can generate loop free backup routes only when the traffic protection inequality of IS IS Auto FRR is satisfied End 7 19 3 Optional Disabling an Interface from Participating in IPv6 LFA Calculation To facilitate network management and fault location you can prevent certain inte...

Page 652: ...refix length command to check information about the primary and backup links after IPv6 IS IS Auto FRR is enabled l Run the display isis spf tree systemid systemid dname dname level 1 level 2 ipv6 verbose process id vpn instance vpn instance name command to check the traffic protection type of IPv6 IS IS Auto FRR End Example Run the display isis route command and you can view information about the...

Page 653: ...URT 2 1 30 0 0 3 IF GE0 0 1 NBR 0000 0000 0004 00 2 50 0 0 2 IF Pos0 0 0 NBR 0000 0000 0004 00 IPv4 Nexthops MIGP 0 IPv6 Nexthops 2 1 FE80 163 IF GE0 0 1 NBR 0000 0000 0004 00 B FE80 536 IF Pos0 0 0 NBR 0000 0000 0004 00 TYPE PRIMARY PROTECT LINK 2 FE80 536 IF Pos0 0 0 NBR 0000 0000 0004 00 B FE80 163 IF GE0 0 1 NBR 0000 0000 0004 00 TYPE PRIMARY PROTECT LINK Neighbors 3 Children 1 Parents 2 Other...

Page 654: ...icast and an MPLS TE tunnel are deployed in a network multicast packets may be forwarded through the TE tunnel As a result the routers spanned by the TE tunnel cannot detect the transmission of multicast packets and therefore the routers cannot create any multicast forwarding entry You can configure local MT function and enable IGP Shortcut on the TE tunnel to avoid the preceding problem In this m...

Page 655: ... process id The IS IS view is displayed Step 3 Run cost style compatible relax spf limit wide wide compatible The cost type is configured Step 4 Run traffic eng TE is configured Step 5 Run local mt enable Local MT is enabled End 7 20 3 Controlling the Scale of the MIGP Routing Table By configuring the filtering policy based on multicast source addresses you can configure routers to add only the ro...

Page 656: ...ing commands as required l Based on the basic ACL 1 Run local mt filter policy acl acl number acl name the local MT routing policy is configured 2 Run quit return to the system view 3 Run acl number acl number1 name acl name basic number acl number2 match order auto config the basic ACL view is displayed 4 Run rule rule id deny permit fragment type fragment type name source source ip address sourc...

Page 657: ...e is permit a route that matches the rule will be received or advertised by the system If the action specified in an ACL rule is deny a route that matches the rule will not be received or advertised by the system If a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that referenc...

Page 658: ...interface number display isis process id statistics level 1 level 2 level 1 2 packet End Example Configure the MIGP routing table to allow only the routes to the destination 192 168 3 0 24 to pass Run the display isis migp routing command The display is as follows HUAWEI display isis migp routing MIGP Route information for ISIS 1 ISIS 1 Level 2 Forwarding Table IPV4 Destination IntCost ExtCost Exi...

Page 659: ...ynchronization l If the router starts for the first time the router sets the overload bit in LSPs until the LSDB synchronization is complete This avoids route black holes Pre configuration Tasks Before configuring IS IS GR complete the following tasks l Configuring IP addresses for interfaces to ensure network connectivity between neighboring nodes l Configuring Basic IS IS Functions Data Preparat...

Page 660: ...newer than the LSP generated locally after the router starts This leads to the temporary black hole in the network which lasts until the normal LSDB synchronization process finishes The router then regenerates its LSPs and advertises the LSPs with the highest sequence number When this router starts if the neighbor of the router suppresses the advertisement of the adjacency until this router advert...

Page 661: ...S IS neighbor of the restarter sets the value of the T3 timer to the holdtime of the neighbor relationship between them which prevents routes from being recalculated on the whole network due to a neighbor disconnection during the GR Step 6 Optional Run graceful restart suppress sa The GR restarter is configured to suppress the Suppress Advertisement SA bit of the restart TLV The SA bit determines ...

Page 662: ...ptional checksum to improve security of the IS IS network l IS IS authentication encapsulates authentication information into Hello packets Link State Protocol Data Units LSPs and Sequence Number Protocol Data Units SNPs After an IS IS device receives the packets it checks whether the encapsulated authentication information is correct The IS IS device only accepts the packets with correct authenti...

Page 663: ...eas l Routing domain authentication Authentication passwords are encapsulated into IS IS packets in Level 2 areas The receiver only accepts the packets that have been authenticated Therefore you need to configure IS IS routing domain authentication to authenticate packets in Level 2 areas l Interface authentication The authentication information is encapsulated into IS IS Hello packets The neighbo...

Page 664: ...not be configured together at the beginning or end of a simple text password IS IS authentication involves the following situations Authentication information is encapsulated in the sent LSPs and SNPs The received LSPs and SNPs should pass the authentication and the ones that do not pass the authentication are discarded In this case snp packet or all send only is inapplicable Authentication inform...

Page 665: ...gured together at the beginning or end of a simple text password IS IS authentication involves the following situations Authentication information is encapsulated in the sent LSPs and SNPs The received LSPs and SNPs should pass the authentication and the ones that do not pass the authentication are discarded In this case snp packet or all send only is inapplicable Authentication information is enc...

Page 666: ...evel 2 can be set only on Ethernet interfaces When IS IS interfaces are Level 1 2 interfaces and Level 1 areas or level 2 is not specified in the command authentication modes and passwords are configured for both Level 1 areas and Level 2 Hello packets NOTE Characters are used as the prefix and suffix of existing passwords with variable lengths Therefore characters cannot be configured together at...

Page 667: ... peer verbose process id vpn instance vpn instance name command to check information about the IS IS neighbor End Example On GE2 0 0 set the interface authentication mode to simple and password to 123 Neighbor relationship can be established when authentication information on the two routers is consistent Run the display isis 1 peer verbose command The display is as follows HUAWEI display isis pee...

Page 668: ...running this command To clear the IS IS data structure run the following reset command in the user view Procedure Step 1 Run reset isis all process id vpn instance vpn instance name graceful restart command to reset the IS IS data structure By default the IS IS data structure is not reset End 7 23 2 Resetting a Specific IS IS Neighbor By restarting IS IS neighbors you can reset the IS IS neighbor ...

Page 669: ...ic IS IS Functions This part provides an example for interconnecting IPv4 networks through IS IS Networking Requirements As shown in Figure 7 4 l Router A Router B Router C and Router D belong to the same AS IS IS is enabled on the routers to implement interconnection in the IP network l The area addresses of Router A Router B and Router C are all 10 and the area address of Router D is 20 l Router...

Page 670: ...functions Configure Router A RouterA isis 1 RouterA isis 1 is level level 1 RouterA isis 1 network entity 10 0000 0000 0001 00 RouterA isis 1 quit RouterA interface Pos 1 0 0 RouterA Pos1 0 0 isis enable 1 RouterA Pos1 0 0 quit Configure Router B RouterB isis 1 RouterB isis 1 is level level 1 RouterB isis 1 network entity 10 0000 0000 0002 00 RouterB isis 1 quit RouterB interface Pos 1 0 0 RouterB...

Page 671: ...0 00 0x00000003 0xef4d 545 68 0 0 0 0000 0000 0003 00 00 0x00000008 0x3340 582 111 1 0 0 Total LSP s 3 In TLV Leaking Route By LSPID Self LSP Self LSP Extended ATT Attached P Partition OL Overload RouterB display isis lsdb Database information for ISIS 1 Level 1 Link State Database LSPID Seq Num Checksum Holdtime Length ATT P OL 0000 0000 0001 00 00 0x00000006 0xbf7d 642 68 0 0 0 0000 0000 0002 00...

Page 672: ...10 NULL P1 0 0 Direct D L 10 1 2 0 24 20 NULL P1 0 0 10 1 1 1 A 192 168 0 0 24 20 NULL P1 0 0 10 1 1 1 A 0 0 0 0 0 10 NULL P1 0 0 10 1 1 1 A Flags D Direct A Added to URT L Advertised in LSPs S IGP Shortcut U Up Down Bit Set RouterC display isis route Route information for ISIS 1 ISIS 1 Level 1 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 10 1 1 0 24 10 NULL P1 0 0...

Page 673: ...er B sysname RouterB isis 1 is level level 1 network entity 10 0000 0000 0002 00 interface Pos1 0 0 link protocol ppp ip address 10 1 2 2 255 255 255 0 isis enable 1 return l Configuration file of Router C sysname RouterC isis 1 network entity 10 0000 0000 0003 00 interface Pos1 0 0 link protocol ppp ip address 10 1 1 1 255 255 255 0 isis enable 1 isis authentication mode md5 N C55QK Q Q MAF4 1 in...

Page 674: ...e three routers l Router A and Router B belong to area 10 Router C belongs to area 20 l Router A is a Level 1 device Router B is a Level 1 2 device and Router C is a Level 2 device Figure 7 5 Diagram of configuring IS IS in an NBMA network RouterA L1 RouterB L1 L2 Area 10 Area 20 RouterC L2 ATM1 0 0 1 10 1 1 2 24 ATM1 0 0 1 10 1 1 1 24 ATM2 0 0 1 10 1 2 2 24 ATM2 0 0 1 10 1 2 1 24 Configuration Ro...

Page 675: ...tm2 0 0 1 ip address 10 1 2 1 24 RouterB Atm2 0 0 1 pvc 2 2 RouterB atm pvc Atm2 0 0 1 2 2 map ip 10 1 2 2 broadcast RouterB atm pvc Atm2 0 0 1 2 2 quit RouterB Atm2 0 0 1 quit Configure Router C RouterC interface atm 2 0 0 1 p2p RouterC Atm2 0 0 1 ip address 10 1 2 2 24 RouterC Atm2 0 0 1 pvc 2 2 RouterC atm pvc Atm2 0 0 1 2 2 map ip 10 1 2 1 broadcast RouterC atm pvc Atm2 0 0 1 2 2 quit RouterC ...

Page 676: ...e information for ISIS 1 ISIS 1 Level 1 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 10 1 1 0 24 10 NULL Atm1 0 0 1 Direct D L 10 1 2 0 24 10 NULL Atm2 0 0 1 Direct D L Flags D Direct A Added to URT L Advertised in LSPs S IGP Shortcut U Up Down Bit Set ISIS 1 Level 2 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 10 1 1 0 24 10 NULL A...

Page 677: ...erface Atm2 0 0 interface Atm2 0 0 1 p2p ip address 10 1 2 1 255 255 255 0 isis enable 1 pvc 2 2 map ip 10 1 2 2 broadcast return l Configuration file of Router C sysname RouterC isis 1 is level level 2 network entity 20 0000 0000 0003 00 interface Atm2 0 0 interface Atm2 0 0 1 p2p ip address 10 1 2 2 255 255 255 0 isis enable 1 pvc 2 2 map ip 10 1 2 1 broadcast return 7 24 3 Example for Configuri...

Page 678: ... three network segments into the route 172 1 0 0 16 This summarization reduces the number of routes to be maintained by Router B and prevents interface state alteration in the Level 1 area from affecting router convergence in the Level 2 area Figure 7 6 Networking diagram for configuring IS IS route summarization Network1 172 1 1 0 24 Network2 172 1 2 0 24 Network3 172 1 3 0 24 GE2 0 0 172 1 1 1 2...

Page 679: ...rC interface gigabitEthernet 1 0 0 RouterC GigabitEthernet1 0 0 isis enable 1 RouterC GigabitEthernet1 0 0 quit The configurations of GE 2 0 0 GE 3 0 0 and GE 4 0 0 are similar to those of GE 1 0 0 Step 3 Run the display isis route command to display the IS IS routing table of routerRouter A RouterA display isis route Route information for ISIS 1 ISIS 1 Level 2 Forwarding Table IPV4 Destination In...

Page 680: ...f Router A sysname RouterA isis 1 is level level 2 network entity 20 0000 0000 0001 00 interface GigabitEthernet2 0 0 ip address 172 2 1 1 255 255 255 0 isis enable 1 return l Configuration file of Router B sysname RouterB isis 1 network entity 10 0000 0000 0002 00 summary 172 1 0 0 255 255 0 0 level 1 2 interface GigabitEthernet2 0 0 ip address 172 2 1 2 255 255 255 0 isis enable 1 interface Giga...

Page 681: ...l The four routers belong to area 10 and the network type is broadcast Ethernet l Router A and Router B are Level 1 2 routers Router C is a Level 1 router and Router D is a Level 2 router l The DIS priority of RouterA is 100 l You can change the DIS priority of the interface to configure Router A as a Level 1 2 DIS Figure 7 7 Configuring the DIS election of IS IS RouterA L1 L2 RouterB L1 L2 Router...

Page 682: ...NCE VLAN PVC 10 1 1 1 00e0 fc10 afec I GE1 0 0 Total 1 Dynamic 0 Static 0 Interface 1 Check the MAC address of GigabitEthernet1 0 0 on Router B RouterB display arp interface gigabitethernet 1 0 0 IP ADDRESS MAC ADDRESS EXPIRE M TYPE INTERFACE VPN INSTANCE VLAN PVC 10 1 1 2 00e0 fccd acdf I GE1 0 0 Total 1 Dynamic 0 Static 0 Interface 1 Check the MAC address of GigabitEthernet1 0 0 on Router C Rout...

Page 683: ...rD isis 1 quit RouterD interface gigabitethernet 1 0 0 RouterD GigabitEthernet1 0 0 isis enable 1 RouterD GigabitEthernet1 0 0 quit Display the IS IS neighbors of Router A RouterA display isis peer Peer information for ISIS 1 System Id Interface Circuit Id State HoldTime Type PRI 0000 0000 0002 GE1 0 0 0000 0000 0002 01 Up 9s L1 L1L2 64 0000 0000 0003 GE1 0 0 0000 0000 0002 01 Up 27s L1 64 0000 00...

Page 684: ...0 0000 0002 GE1 0 0 0000 0000 0001 01 Up 28s L2 L1L2 64 0000 0000 0004 GE1 0 0 0000 0000 0001 01 Up 30s L2 64 Total Peer s 4 Step 5 Verify the configuration Display the IS IS interface of Router A RouterA display isis interface Interface information for ISIS 1 Interface Id IPV4 State IPV6 State MTU Type DIS GE1 0 0 001 Up Down 1497 L1 L2 Yes Yes NOTE After the DIS priority of the IS IS interface c...

Page 685: ... 10 0000 0000 0001 00 interface GigabitEthernet1 0 0 ip address 10 1 1 1 255 255 255 0 isis enable 1 isis dis priority 100 return l Configuration file of Router B sysname RouterB isis 1 network entity 10 0000 0000 0002 00 interface GigabitEthernet1 0 0 ip address 10 1 1 2 255 255 255 0 isis enable 1 return l Configuration file of Router C sysname RouterC isis 1 is level level 1 network entity 10 0...

Page 686: ...er B and Router C Figure 7 8 Networking diagram of configuring IS IS load balancing Area10 RouterB L2 RouterA L2 RouterD L2 RouterC L2 GE3 0 0 GE3 0 0 POS1 0 0 POS2 0 0 POS1 0 0 POS1 0 0 POS2 0 0 POS2 0 0 POS1 0 0 POS2 0 0 Device Interface IP Address Device Interface IP Address Router A GE 3 0 0 172 16 1 1 24 Router C POS 1 0 0 10 1 2 2 24 Router A POS 1 0 0 10 1 1 1 24 Router C POS 2 0 0 192 168 ...

Page 687: ...rA isis 1 maximum load balancing 1 RouterA isis 1 quit Check the routing table of Router A RouterA display isis route Route information for ISIS 1 ISIS 1 Level 2 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 192 168 1 0 24 20 NULL P2 0 0 10 1 2 2 A L 10 1 1 0 24 10 NULL P1 0 0 Direct D L 172 16 1 0 24 10 NULL GE3 0 0 Direct D L 172 17 1 0 24 30 NULL P1 0 0 10 1 1 2 ...

Page 688: ... Configure the preference of equal cost routes on Router A If you do not perform load balancing through Router B and Router C configure the preference of the equal cost routes and specify the next hop RouterA isis RouterA isis 1 nexthop 10 1 2 2 weight 1 RouterA isis 1 quit Step 6 Verify the configuration Check the routing table of Router A RouterA display isis route Route information for ISIS 1 I...

Page 689: ... network entity 10 0000 0000 0002 00 interface Pos1 0 0 link protocol ppp ip address 10 1 1 2 255 255 255 0 isis enable 1 interface Pos2 0 0 link protocol ppp ip address 192 168 0 1 255 255 255 0 isis enable 1 return l Configuration file of Router C sysname RouterC isis 1 is level level 2 network entity 10 0000 0000 0003 00 interface Pos1 0 0 link protocol ppp ip address 10 1 2 2 255 255 255 0 isi...

Page 690: ...king example l Router A and Router B belong to the same AS and the IS IS neighbor relationship is established between Router A and Router B Router A is a non BGP device in the AS l An EBGP connection is set up between Router B and Router C l IS IS and BGP import routes of each other to implement interworking between devices in the two ASs A routing policy is configured to change the cost of a BGP ...

Page 691: ...outerA interface pos 1 0 0 RouterA Pos1 0 0 isis enable 1 RouterA Pos1 0 0 quit Configure Router B RouterB isis 1 RouterB isis 1 network entity 10 0000 0000 0002 00 RouterB isis 1 quit RouterB interface pos 1 0 0 RouterB Pos1 0 0 isis enable 1 RouterB Pos1 0 0 quit Step 3 Set up an EBGP connection Configure Router B RouterB bgp 65008 RouterB bgp router id 1 1 1 1 RouterB bgp peer 10 2 1 2 as numbe...

Page 692: ...g policy RouterB ip as path filter 1 permit 65009 RouterB route policy RTC permit node 0 RouterB route policy if match as path filter 1 RouterB route policy apply cost 20 RouterB route policy quit On Router B configure IS IS to import BGP routes RouterB isis 1 RouterB isis 1 import route bgp route policy RTC RouterB isis 1 quit Run the display ip routing table command to display the routing table ...

Page 693: ...7 0 0 1 32 Direct 0 0 D 127 0 0 1 InLoopBack0 3 3 3 3 32 Static 60 0 D 0 0 0 0 NULL0 End Configuration Files l Configuration file of Router A sysname RouterA isis 1 network entity 10 0000 0000 0001 00 interface Pos1 0 0 link protocol ppp ip address 10 1 1 1 255 255 255 0 isis enable 1 return l Configuration file of Router B sysname RouterB isis 1 network entity 10 0000 0000 0002 00 import route bg...

Page 694: ... topology Networking Requirements In real world situations an IPv4 IPv6 topology has a shortcoming When various end to end services such as voice and data services share the same physical links either IPv4 or IPv6 packets are discarded on the shablue links affecting transmission quality To address this problem configure multi topologies and create separate IPv4 and IPv6 routing tables As shown in ...

Page 695: ... IPv4 topology instance on router B 5 Associate the interfaces with specified topology instances Data Preparation To complete the configuration you need the following data l IP addresses of the interfaces on routers as shown in Figure 7 10 area ID 86 system ID of Router A 0000 0000 0001 system ID of Router B 0000 0000 0002 system ID of Router C 0000 0000 0003 system ID of Router D 0000 0000 0004 a...

Page 696: ...eate an IPv4 topology instance red for each router and an IPv6 topology instance blue for Router A Router C and Router D Associate an IS IS process with the IPv4 topology instance red and IPv6 topology instance blue on Router A RouterA isis RouterA isis 1 ipv6 enable topology ipv6 RouterA isis 1 cost style wide RouterA isis 1 topology red topology id 10 RouterA isis 1 topology red quit RouterA isi...

Page 697: ...ms 31 ms To make a comparison between the preceding routing information and the routing information when an IPv4 IPv6 topology is deployed run the following commands RouterD isis 1 RouterD isis 1 ipv6 enable Configuration modifications on Router A and Router C are the same as that on Router D After the configuration is modified run the display isis route command on the routers once again to view i...

Page 698: ...here is no outbound interface for the route from Router A to 2008 64 This is because the link between Router A and Router B does not support IPv6 and IPv6 packets from Router D are discarded End Configuration Files l Configuration file of Router A sysname RouterA ip topology red ipv6 topology blue isis 1 cost style wide network entity 86 0000 0000 0001 00 ipv6 enable topology ipv6 topology red top...

Page 699: ...d ipv6 topology blue isis 1 cost style wide network entity 86 0000 0000 0003 00 ipv6 enable topology ipv6 topology red topology id 10 ipv6 topology blue topology id 20 interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 2 2 64 isis ipv6 enable 1 ip topology red enable isis topology red ipv6 topology blue enable isis ipv6 topology blue interface GigabitEthernet2 0 0 undo ...

Page 700: ...ipv6 address 2001 db8 2 1 64 isis ipv6 enable 1 isis cost 14 isis ipv6 cost 14 ipv6 topology blue enable isis ipv6 topology blue return 7 24 8 Example for Configuring Local MT This part provides an example for configuring multicast packets to be forwarded through TE tunnels on IS IS networks Networking Requirements As shown in Figure 7 11 l Router A Router B Router C Router D and Router E run IS I...

Page 701: ... MPLS Resource Reservation Protocol RSVP TE tunnel and enable IGP Shortcut 4 Enable local MT Data Preparation To complete the configuration you need the following data l IP address of each router interface is shown in Figure 7 11 The area address is 10 the originating system ID is 0000 0000 0001 and is incremental and the routers are Level 2 routers l Tunnel interface is TE tunnel 1 0 0 the tunnel...

Page 702: ...gabitethernet 1 0 0 Run the display multicast routing table command to view the multicast routing table of a router The multicast routing table on Router C is as follows RouterC display multicast routing table Multicast routing table of VPN Instance public net Total 1 entry 00001 192 168 3 2 224 31 31 31 Uptime 15 03 04 Upstream Interface GigabitEthernet2 0 0 List of 1 downstream interface 1 Gigab...

Page 703: ... an MPLS TE tunnel on Router B and enable IGP Shortcut RouterB interface tunnel 1 0 0 RouterB Tunnel1 0 0 ip address unnumbered interface loopback 0 RouterB Tunnel1 0 0 tunnel protocol mpls te RouterB Tunnel1 0 0 destination 4 4 4 4 RouterB Tunnel1 0 0 mpls te tunnel id 100 RouterB Tunnel1 0 0 mpls te commit RouterB Tunnel1 0 0 mpls te igp shortcut isis RouterB Tunnel1 0 0 mpls te igp metric relat...

Page 704: ... of 1 downstream interface 1 GigabitEthernet1 0 0 View the MIGP routing table on Router B RouterB display migp routing table Route Flags R relied D download to fib Routing Tables MIGP Destinations 5 Routes 5 Destination Mask Proto Pre Cost Flags NextHop Interface 4 4 4 4 32 ISIS 15 20 10 0 1 1 GE2 0 0 5 5 5 5 32 ISIS 15 30 10 0 1 1 GE2 0 0 10 0 2 0 24 ISIS 15 20 10 0 1 1 GE2 0 0 10 0 3 0 24 ISIS 1...

Page 705: ...l mt enable interface GigabitEthernet1 0 0 ip address 10 0 0 2 255 255 255 0 isis enable 1 pim sm interface GigabitEthernet2 0 0 ip address 10 0 1 2 255 255 255 0 isis enable 1 pim sm mpls mpls te mpls rsvp te interface LoopBack0 ip address 2 2 2 2 255 255 255 255 isis enable 1 pim sm interface Tunnel1 0 0 ip address unnumbered interface LoopBack0 tunnel protocol mpls te destination 4 4 4 4 mpls t...

Page 706: ...p address 10 0 2 2 255 255 255 0 isis enable 1 pim sm mpls mpls te mpls rsvp te interface LoopBack0 ip address 3 3 3 3 255 255 255 255 isis enable 1 return l Configuration file of Router D sysname RouterD router id 4 4 4 4 multicast routing enable mpls lsr id 4 4 4 4 mpls mpls te mpls rsvp te mpls te cspf isis 1 is level level 2 cost style wide network entity 10 0000 0000 0004 00 traffic eng level...

Page 707: ...s enable 1 pim sm interface LoopBack0 ip address 5 5 5 5 255 255 255 255 isis enable 1 pim sm return 7 24 9 Example for Configuring Basic IS IS IPv6 Functions This part provides an example for interconnecting IPv6 networks through IS IS Networking Requirements As shown in Figure 7 12 l Router A Router B Router C and Router D belong to the same AS They are interconnected through IS IS in the IPv6 n...

Page 708: ...the configuration you need the following data l IPv6 address of each interface on Router A Router B Router C and Router D l Area numbers of Router A Router B Router C and Router D l Levels of Router A Router B Router C and Router D Procedure Step 1 Enable the capability of IPv6 forwarding and configure IPv6 address for each interface Take the display on Router A as an example The configurations of...

Page 709: ...0 isis ipv6 enable 1 RouterC Pos1 0 0 quit RouterC interface pos 2 0 0 RouterC Pos2 0 0 isis ipv6 enable 1 RouterC Pos2 0 0 quit RouterC interface pos 3 0 0 RouterC Pos3 0 0 isis ipv6 enable 1 RouterC Pos3 0 0 isis circuit level level 2 RouterC Pos3 0 0 quit Configure Router D RouterD isis 1 RouterD isis 1 is level level 2 RouterD isis 1 network entity 20 0000 0000 0004 00 RouterD isis 1 ipv6 enab...

Page 710: ...s 10 Peer IPv6 Address es FE80 DC40 0 47A9 1 Uptime 00 46 13 Adj Protocol IPV6 Restart Capable YES Suppressed Adj NO Peer System Id 0000 0000 0002 0000 0000 0004 Pos3 0 0 0000000001 Up 24s L2 MT IDs supported 0 UP Local MT IDs 0 Area Address es 20 Peer IPv6 Address es FE80 F81D 0 1E24 2 Uptime 00 53 18 Adj Protocol IPV6 Restart Capable YES Suppressed Adj NO Peer System Id 0000 0000 0004 Total Peer...

Page 711: ...6 AREA ADDR 10 INTF ADDR V6 2001 db8 3 1 INTF ADDR V6 2001 db8 2 1 INTF ADDR V6 2001 db8 1 1 Topology Standard NBR ID 0000 0000 0004 00 COST 10 IPV6 2001 db8 3 64 COST 10 IPV6 2001 db8 2 64 COST 10 IPV6 2001 db8 1 64 COST 10 0000 0000 0004 00 00 0x0000000b 0x6dfa 1024 124 0 0 0 SOURCE 0000 0000 0004 00 NLPID IPV6 AREA ADDR 20 INTF ADDR V6 2001 db8 3 2 INTF ADDR V6 2001 db8 4 1 Topology Standard NB...

Page 712: ...v6 isis 1 network entity 10 0000 0000 0003 00 ipv6 enable topology standard interface Pos1 0 0 link protocol ppp ipv6 enable ipv6 address 2001 db8 1 1 64 isis ipv6 enable 1 interface Pos2 0 0 link protocol ppp ipv6 enable ipv6 address 2001 db8 2 1 64 isis ipv6 enable 1 interface Pos3 0 0 link protocol ppp ipv6 enable ipv6 address 2001 db8 3 1 64 isis ipv6 enable 1 isis circuit level level 2 return...

Page 713: ...o area 10 They are Level 2 routers l A Layer 2 switch which need not be configured connects Router A and Router B Figure 7 13 Networking diagram of IS IS fast convergence RouterA RouterB GE1 0 0 10 1 1 1 24 GE1 0 0 10 1 1 2 24 Configuration Roadmap The configuration roadmap is as follows 1 Enable basic IS IS functions on each router 2 Enable BFD on Router A and Router B 3 Set the time parameters o...

Page 714: ...abitethernet 1 0 0 RouterA bfd session atob discriminator local 1 RouterA bfd session atob discriminator remote 2 RouterA bfd session atob commit RouterA bfd session atob quit RouterA interface gigabitethernet 1 0 0 RouterA GigabitEthernet1 0 0 isis bfd static RouterA GigabitEthernet1 0 0 quit Configure Router B RouterB bfd RouterB bfd quit RouterB bfd btoa bind peer ip 10 1 1 1 interface gigabite...

Page 715: ... Verify the configuration Run the shutdown command on GE 1 0 0 of Router B to simulate the link in the Down state RouterB interface gigabitethernet 1 0 0 RouterB GigabitEthernet1 0 0 shutdown View the information about neighbors of Router A RouterA display isis peer Information about neighbors of Router A does not exist When BFD detects that the link goes Down it notifies the route management RM m...

Page 716: ...24 11 Example for Configuring IS IS Auto FRR IP protecting IP This part provides an example for fast switching services to the backup link in the case of IS IS link failures through IS IS Auto FRR IP protecting IP Networking Requirements When a fault occurs on a network IS IS Auto FRR fast switches traffic to a backup link before the route convergence This prevents traffic interruption In Figure 7...

Page 717: ... Enable IS IS Auto FRR on Router A that forwards the protected traffic Data Preparation To complete the configuration you need the following data l IP addresses of interfaces on each router l NET of each router l Level of each router l Costs of interfaces on each router Procedure Step 1 Configure IP addresses for interfaces The details are omitted Step 2 Configure basic IS IS functions Configure R...

Page 718: ...rk entity 10 0000 0000 0004 00 RouterD isis 1 quit RouterD interface gigabitethernet 1 0 0 RouterD GigabitEthernet1 0 0 isis enable 1 RouterD GigabitEthernet1 0 0 quit RouterD interface gigabitethernet 2 0 0 RouterD GigabitEthernet2 0 0 isis enable 1 RouterD GigabitEthernet2 0 0 quit Step 3 Set the cost of Gigabit Ethernet 2 0 0 on RouterA to 30 and then check routing information Configure the cos...

Page 719: ...0x0 EntryRefCount 0 rt_ulVlanId 0x0 LspType 0 Label_ForLspTokenBak 0 MplsMtu 0 Gateway_ForLspTokenBak 0 NextToken 0 IfIndex_ForLspTokenBak 0 Label_NextToken 0 Label 0 LspBfdState 0 As shown in the command output the traffic from Router A to Router D is only forwarded through Link T Step 4 Enable IS IS Auto FRR on Router A and then check the routing information Enable IS IS Auto FRR on Router A Rou...

Page 720: ... 0 0 NBR 0000 0000 0003 00 B 10 2 0 2 IF GE2 0 0 NBR 0000 0000 0002 00 TYPE LOOP FREE PROTECT LINK NODE IPv4 Nexthops MIGP 0 IPv6 Nexthops 0 Neighbors 2 Children 1 Parents 1 Others 0 1 0000 0000 0003 02 Cost 10 Flags Parent 2 0000 0000 0004 03 Cost 10 Flags Child ISIS 1 Level 2 Shortest Path Tree 0000 0000 0004 00 Distance 20 Distance URT 20 Flags SPT V6_Islt IPv4 Nexthops URT 1 1 10 1 0 2 IF GE1 ...

Page 721: ... with GE 2 0 0 as the outbound interface and 10 2 0 2 as the next hop Step 5 Verify the configuration Run the shutdown command on GE 2 0 0 of Router C to make the link down RouterC interface gigabitethernet 2 0 0 RouterC GigabitEthernet2 0 0 shutdown Run the display fib 10 5 1 1 verbose command immediately on Router A to check information about the route from Router A to Router D RouterA display f...

Page 722: ...guration file of Router B sysname RouterB isis 1 network entity 10 0000 0000 0002 00 interface gigabitethernet 1 0 0 ip address 10 2 0 2 255 255 255 0 isis enable 1 interface gigabitethernet 2 0 0 ip address 10 3 0 1 255 255 255 0 isis enable 1 return l Configuration file of Router C sysname RouterC isis 1 network entity 10 0000 0000 0003 00 interface gigabitethernet 1 0 0 ip address 10 1 0 2 255 ...

Page 723: ...configuring IS IS Auto FRR PE1 PE3 P5 P1 P3 P6 P2 P4 Plane A Plane B Traffic in normal Traffic in case of failure Figure 7 15 is the simplified networking diagram of MPLS VPN double planes and PEs are dual homed to the two planes It is required that l IS IS should be configured to implement IP connectivity between nodes l Traffic between P nodes at the core layer should be transmitted through the ...

Page 724: ...Free Alternate LFA calculation 3 Enable forwarding adjacency and configure LDP over TE 4 Enable IS IS Auto FRR so that traffic can be rapidly switched in the case of a link fault 5 Run the undo isis lfa backup command on the interfaces that connect P nodes to PE nodes to disable these interfaces from becoming the backup interfaces in LFA calculation and prevent traffic between P nodes from going b...

Page 725: ... 1 12 1 30 GE 3 1 0 10 1 12 2 30 P3 PE3 GE 2 0 0 10 1 13 1 30 GE 3 1 0 10 1 13 2 30 P4 Table 7 4 IP address of Loopback 0 Device Name IP Address of Loopback 0 P1 1 1 1 1 32 P2 2 2 2 2 32 P3 3 3 3 3 32 P4 4 4 4 4 32 P5 5 5 5 5 32 P6 6 6 6 6 32 PE1 7 7 7 7 32 PE3 8 8 8 8 32 Table 7 5 IS IS parameters Parameter Value Router ID IP address of Loopback 0 HUAWEI NetEngine80E 40E Router Configuration Guid...

Page 726: ...er Number of the physical outbound interface of the tunnel Tunnel interface description to_destination node Tunnel interface address IP address of Loopback 0 Tunnel ID 100 Name of the explicit path Tunnel description Tunnel metric value Smaller than the metric value of the primary path and greater than the metric values of other paths so that the tunnel can become the backup path and LDP over TE c...

Page 727: ...s enable 64 P1 GigabitEthernet3 0 0 isis cost 5 P1 GigabitEthernet3 0 0 quit P1 interface gigabitethernet 3 1 0 P1 GigabitEthernet3 1 0 isis enable 64 P1 GigabitEthernet3 1 0 isis cost 5 P1 GigabitEthernet3 1 0 quit Configure PE1 PE1 router id 7 7 7 7 PE1 isis 64 PE1 isis 64 network entity 86 0010 0070 0700 7007 00 PE1 isis 64 is level level 2 PE1 isis 64 cost style wide PE1 isis 64 is name PE1 PE...

Page 728: ... P2 mpls mpls te P2 mpls mpls rsvp te P2 mpls quit P2 interface gigabitethernet 1 0 0 P2 GigabitEthernet1 0 0 mpls P2 GigabitEthernet1 0 0 mpls te P2 GigabitEthernet1 0 0 mpls rsvp te P2 GigabitEthernet1 0 0 mpls te bandwidth max reservable bandwidth 200000 P2 GigabitEthernet1 0 0 mpls te bandwidth bc0 200000 P2 GigabitEthernet1 0 0 quit P2 interface gigabitethernet 2 0 0 P2 GigabitEthernet2 0 0 m...

Page 729: ...tioned here Configure PE1 PE1 mpls lsr id 7 7 7 7 PE1 mpls PE1 mpls quit PE1 mpls ldp PE1 mpls ldp quit PE1 interface gigabitethernet 1 0 0 PE1 GigabitEthernet1 0 0 mpls PE1 GigabitEthernet1 0 0 mpls ldp PE1 GigabitEthernet1 0 0 quit Configure P1 P1 mpls ldp P1 interface gigabitethernet 2 0 0 P1 GigabitEthernet2 0 0 mpls ldp P1 GigabitEthernet2 0 0 quit P1 interface gigabitethernet 3 0 0 P1 Gigabi...

Page 730: ...mpls ldp lsp command on PE1 The command output shows that an LDP LSP is established Take the display on PE1 as an example PE1 display mpls ldp lsp 8 8 8 8 32 LDP LSP Information DestAddress Mask In OutLabel UpstreamPeer NextHop OutInterface 8 8 8 8 32 NULL 3 10 1 10 2 GE1 0 0 8 8 8 8 32 1024 3 1 1 1 1 10 1 10 2 GE1 0 0 TOTAL 2 Normal LSP s Found TOTAL 0 Liberal LSP s Found TOTAL 0 Frr LSP s Found ...

Page 731: ...Bak 0 NextToken 0 IfIndex_ForLspTokenBak 0 Label_NextToken 0 Label 0 LspBfdState 0 Run the shutdown command on GE 2 0 0 of P1 or P3 to simulate a link fault Take the configuration of P1 as an example P1 interface gigabitethernet 2 0 0 P1 GigabitEthernet2 0 0 shutdown Run the display fib 3 3 3 3 32 verbose command on P1 to view the FIB entry to P3 P1 display fib 3 3 3 3 32 verbose Route Entry Count...

Page 732: ...level 2 cost style wide network entity 86 0010 0010 0100 1001 00 is name P1 interface LoopBack0 ip address 1 1 1 1 255 255 255 255 isis enable 64 interface Tunnel1 0 0 description toP3 ip address unnumbered interface LoopBack0 tunnel protocol mpls te destination 3 3 3 3 mpls te tunnel id 100 mpls te bandwidth ct0 200000 mpls te path explicit path to_p3 mpls te igp advertise mpls te igp metric abso...

Page 733: ... Configuration file of P2 sysname P2 router id 2 2 2 2 mpls lsr id 2 2 2 2 mpls mpls te mpls rsvp te mpls ldp isis 64 is level level 2 cost style wide network entity 86 0010 0020 0200 2002 00 is name P2 interface LoopBack0 ip address 2 2 2 2 255 255 255 255 isis enable 64 interface GigabitEthernet1 0 0 undo shutdown ip address 10 1 1 2 255 255 255 252 isis enable 64 isis cost 5 mpls mpls te mpls r...

Page 734: ...3 3 mpls lsr id 3 3 3 3 mpls mpls te mpls rsvp te mpls te cspf explicit path to_p3 next hop 10 1 6 2 next hop 10 1 4 1 next hop 10 1 1 1 next hop 1 1 1 1 mpls ldp mpls ldp remote peer to_p1 remote ip 1 1 1 1 undo remote ip pwe3 isis 64 frr loop free alternate level 2 is level level 2 cost style wide network entity 86 0010 0030 0300 3003 00 is name P3 interface LoopBack0 ip address 3 3 3 3 255 255 ...

Page 735: ...252 isis enable 64 isis cost 5 mpls mpls ldp interface GigabitEthernet3 0 0 undo shutdown ip address 10 1 7 1 255 255 255 252 isis enable 64 isis cost 5 mpls mpls ldp interface GigabitEthernet3 1 0 undo shutdown ip address 10 1 12 2 255 255 255 252 isis enable 64 isis cost 5 undo isis lfa backup mpls mpls ldp return l Configuration file of P4 sysname P4 router id 4 4 4 4 mpls lsr id 4 4 4 4 mpls m...

Page 736: ...thernet3 0 0 undo shutdown ip address 10 1 8 1 255 255 255 252 isis enable 64 isis cost 5 mpls mpls ldp interface GigabitEthernet3 1 0 undo shutdown ip address 10 1 13 2 255 255 255 252 isis enable 64 isis cost 5 mpls mpls ldp return l Configuration file of P5 sysname P5 router id 5 5 5 5 mpls lsr id 5 5 5 5 mpls mpls ldp isis 64 is level level 2 cost style wide network entity 86 0010 0050 0500 50...

Page 737: ... network entity 86 0010 0060 0600 6006 00 is name P6 interface LoopBack0 ip address 6 6 6 6 255 255 255 255 isis enable 64 interface GigabitEthernet1 0 0 undo shutdown ip address 10 1 9 2 255 255 255 252 isis enable 64 isis cost 5 mpls mpls ldp interface GigabitEthernet2 0 0 undo shutdown ip address 10 1 5 2 255 255 255 252 isis enable 64 isis cost 5 mpls mpls ldp interface GigabitEthernet3 0 0 un...

Page 738: ... 0 0 undo shutdown ip address 10 1 11 1 255 255 255 252 isis enable 64 isis cost 5 mpls mpls ldp return l Configuration file of PE3 sysname PE3 router id 8 8 8 8 mpls lsr id 8 8 8 8 mpls mpls ldp isis 64 is level level 2 cost style wide network entity 86 0010 0080 0800 8008 00 is name PE3 interface LoopBack0 ip address 8 8 8 8 255 255 255 255 isis enable 64 interface GigabitEthernet1 0 0 undo shut...

Page 739: ...d Router C the three routers start to exchange routing information When IS IS on Router A restarts Router A resends connection requests to neighbors to synchronize the LSDB Figure 7 16 Networking diagram for configuring IS IS GR RouterA RouterB RouterC GE1 0 0 10 1 1 1 24 GE1 0 0 10 1 1 2 24 GE2 0 0 10 2 1 1 24 GE1 0 0 10 2 1 2 24 Configuration Roadmap The configuration roadmap is as follows 1 Con...

Page 740: ...2 32 10 1 1 2 HU t 20678 GE1 0 0 0x0 10 2 1 0 24 10 1 1 2 DGU t 79388 GE1 0 0 0x0 Restart the IS IS process on Router A in GR mode RouterA reset isis all graceful restart NOTE A router restarts an IS IS process in GR mode only when GR is enabled in the IS IS process Run the display fib command on Router A and view the FIB table to check whether GR works normally If GR works normally the FIB table ...

Page 741: ...he route to network segment 10 2 1 0 does not exist service forwarding is affected End Configuration Files l Configuration file of Router A sysname RouterA isis 1 graceful restart graceful restart interval 150 is level level 1 network entity 10 0000 0000 0001 00 interface GigabitEthernet 1 0 0 link protocol ppp ip address 10 1 1 1 255 255 255 0 isis enable 1 return l Configuration file of Router B...

Page 742: ...or relationship between Router A and Router B When the link between Router A and Router B is faulty BFD can fast detect the default and report it to IS IS Figure 7 17 Networking diagram of configuring static BFD for IS IS RouterA RouterB RouterC GE1 0 0 10 1 1 1 24 GE1 0 0 10 1 1 2 24 GE2 0 0 10 2 1 1 24 GE1 0 0 10 2 1 2 24 NOTE BFD for IS IS cannot be used to detect the multi hops link between Ro...

Page 743: ...outerB isis 1 quit RouterB interface gigabitethernet 1 0 0 RouterB GigabitEthernet1 0 0 isis enable 1 RouterB GigabitEthernet1 0 0 quit RouterB interface gigabitethernet 2 0 0 RouterB gigabitethernet2 0 0 isis enable 1 RouterB gigabitethernet2 0 0 quit Configure Router C RouterC isis 1 RouterC isis 1 is level level 2 RouterC isis 1 network entity aa 3333 3333 3333 00 RouterC isis 1 quit RouterC in...

Page 744: ...on btoa commit RouterB bfd session btoa quit After the preceding configurations you can view that the status of the static BFD is YES when the display isis interface verbose command is used on Router A or Router B The display on Router A is as follows RouterA display isis interface verbose Interface information for ISIS 1 Interface Id IPV4 State IPV6 State MTU Type DIS GE1 0 0 001 Up Down 1500 L2 ...

Page 745: ...er B according to the fault reported by BFD ISIS 4 PEER_DOWN_BFDDOWN 1880166931 UL R ISIS 1 neighbor 2222 2222 2222 is down on the interface GE1 0 0 because BFD node is Down ISIS 4 PEER_DOWN_BFDDOWN 1880166931 UL R ISIS 1 neighbor 2222 2222 2222 was Down on interface GE1 0 0 because the BFD node was down The Hello packet was received at 11 32 10 last time the maximum interval for sending Hello pac...

Page 746: ...e of Router C sysname RouterC isis 1 is level level 2 network entity aa 3333 3333 3333 00 interface GigabitEthernet1 0 0 ip address 10 2 1 2 255 255 255 0 isis enable 1 return 7 24 15 Example for Configuring Dynamic BFD for IS IS This part provides an example for configuring dynamic BFD for IS IS to fast detect faults and report them to IS IS In this manner the fast switchover of service traffic i...

Page 747: ...Set the interface cost of IS IS to control the route selection of the routers 3 Enable global BFD 4 Enable the BFD detection mechanism of the IS IS process on Router A Router B and Router C 5 Enable the BFD detection mechanism of the interfaces on Router A and Router B Data Preparation To complete the configuration you need the following data l Process ID of IS IS l Area numbers of Router A Router...

Page 748: ...00 0003 00 RouterC isis 1 quit RouterC interface gigabitethernet 1 0 0 RouterC GigabitEthernet1 0 0 isis enable 1 RouterC GigabitEthernet1 0 0 quit RouterC interface gigabitethernet 2 0 0 RouterC GigabitEthernet2 0 0 isis enable 1 RouterC GigabitEthernet2 0 0 quit After the preceding configurations are complete use the display isis peer command You can view that the neighboring relationship is set...

Page 749: ...terA isis 1 bfd all interfaces enable RouterA isis 1 quit Enable BFD of the IS IS process on Router B RouterB bfd RouterB bfd quit RouterB isis RouterB isis 1 bfd all interfaces enable RouterB isis 1 quit Enable BFD of the IS IS process on Router C RouterC bfd RouterC bfd quit RouterC isis RouterC isis 1 bfd all interfaces enable RouterC isis 1 quit After the preceding configurations are complete ...

Page 750: ...val 100 min rx interval 100 detect multiplier 4 RouterB GigabitEthernet2 0 0 quit After the preceding configurations are complete run the display isis bfd session all command on Router A or Router B You can view that the parameters of the BFD have taken effect Take the display of Router B as an example RouterB display isis bfd session all BFD session information for ISIS 1 Peer System ID 0000 0000...

Page 751: ...sion information for ISIS 1 Peer System ID 0000 0000 0003 Interface GE1 0 0 TX 100 BFD State up Peer IP Address 1 1 1 2 RX 100 LocDis 8192 Local IP Address 1 1 1 1 TX 10 BFD State up Peer IP Address 1 1 1 2 RX 10 LocDis 8193 Local IP Address 1 1 1 1 Multiplier 3 RemDis 8192 Type L2 Diag No diagnostic information Total BFD session s 1 End Configuration Files l Configuration file of Router A sysname...

Page 752: ... 0003 00 interface GigabitEthernet1 0 0 undo shutdown ip address 1 1 1 2 255 255 255 0 isis enable 1 interface GigabitEthernet2 0 0 undo shutdown ip address 2 2 2 1 255 255 255 0 isis enable 1 return 7 24 16 Example for Configuring Dynamic BFD for IPv6 IS IS This part provides an example for configuring dynamic BFD for fast failure detection to trigger fast switchover of service traffic on IS IS I...

Page 753: ...becomes the backup path 3 Configure BFD globally on each router 4 Enable BFD for IPv6 IS IS in the IS IS view of each router Data Preparation To complete the configuration you need the following data l IS IS process ID l IS IS network entity title NET l Level of each Router l IS IS cost value of each interface l Interface to be enabled with BFD for IPv6 IS IS l Minimum interval for sending BFD pac...

Page 754: ...onfigure Router D RouterD isis 10 RouterD isis 10 is level level 2 RouterD isis 10 network entity 10 0000 0000 0003 00 RouterD isis 10 ipv6 enable RouterD isis 10 quit RouterD interface gigabitethernet 1 0 0 RouterD GigabitEthernet1 0 0 isis ipv6 enable 10 RouterD GigabitEthernet1 0 0 quit RouterD interface gigabitethernet 2 0 0 RouterD GigabitEthernet2 0 0 isis ipv6 enable 10 RouterD GigabitEther...

Page 755: ...min tx interval 150 min rx interval 150 RouterN isis 10 quit Configure Router D RouterD bfd RouterD bfd quit RouterD isis 10 RouterD isis 10 ipv6 bfd all interfaces enable RouterD isis 10 ipv6 bfd all interfaces min tx interval 150 min rx interval 150 RouterD isis 10 quit After the preceding configurations run the display isis ipv6 bfd session all command on Router S or Router D and you can view t...

Page 756: ... Preference 15 Interface GigabitEthernet2 0 0 Protocol ISIS State Active Adv Cost 20 Tunnel ID 0x0 Label NULL Age 93sec As shown in the IPv6 routing table after the primary path fails the backup path takes effect the next hop address of the route to 2001 db8 4 120 becomes 2001 db8 2 2 the outbound interface becomes Gigabit Ethernet 2 0 0 the route cost may also change Run the display isis ipv6 bfd...

Page 757: ...enable ipv6 bfd all interfaces min tx interval 150 min rx interval 150 network entity 10 0000 0000 0002 00 ipv6 enable topology standard interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 2 2 120 isis ipv6 enable 10 isis ipv6 cost 10 interface GigabitEthernet2 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 3 1 120 isis ipv6 enable 10 isis ipv6 cost 10 return l Conf...

Page 758: ...nterface GigabitEthernet2 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 3 2 120 isis ipv6 enable 10 isis ipv6 cost 10 return l Configuration file of Switch Configuration file of Switch is not mentioned here HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 7 IS IS Configuration Issue 02 2014 09 30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 733 ...

Page 759: ...difies route attributes to direct network traffic 8 6 Configuring BGP to Receive Routes BGP is used to transmit routing information BGP can filter received routes to accept only the expected routes and can modify route attributes to direct network traffic 8 7 Configuring a Device to Advertise BGP Supernet Unicast Routes to BGP Peers This section describes how to configure a Border Gateway Protocol...

Page 760: ...d peer regardless of whether there are default routes in the local routing table This greatly reduces the number of routes on the network 8 17 Configuring BGP Load Balancing Configuring BGP load balancing better utilizes network resources and reduces network congestion 8 18 Configuring Path MTU Auto Discovery Path MTU auto discovery allows BGP to discover the smallest MTU value on a path to ensure...

Page 761: ... involves resetting a BGP connection and clearing BGP statistics 8 27 BGP Route Selection Rules 8 28 Configuration Examples BGP configuration examples explain networking requirements networking diagram configuration notes configuration roadmap and configuration procedure HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 8 BGP Configuration Issue 02 2014 09 30 Huawei Proprietary and Con...

Page 762: ...ined in RFC 1267 are three earlier released versions of BGP The current BGP version is BGP 4 defined in RFC 4271 As an exterior routing protocol on the Internet BGP is widely used among Internet Service Providers ISPs NOTE This document refers to BGP 4 unless stated otherwise BGP Characteristics Characteristics of BGP are as follows l Different from IGPs such as the Open Shortest Path First OSPF a...

Page 763: ...BGP Features Supported by the NE80E 40E This section describes BGP features supported by the NE80E 40E from the perspective of BGP configurations BGP enables routes to be transmitted between ASs more efficiently and flexibly Table 8 1 shows the BGP configuration outline Table 8 1 BGP configuration outline Configuration Objective Configuration Procedure Note To transmit BGP routes l 8 3 Configuring...

Page 764: ...configuration and management of a large scale BGP network l 8 9 Configuring BGP Peer Groups l 8 10 Configuring BGP Route Reflectors l 8 11 Configuring a BGP Confederation l 8 12 Configuring BGP Community Attributes These configurations are optional Before the configuration familiarize yourself with the following l Configuring and Managing a Large Scale BGP Network To suppress route flapping and im...

Page 765: ...figuring BGP Auto FRR l 8 22 Configuring BGP GR l NSR These configurations are optional Before the configuration familiarize yourself with the following l Improving BGP Network Reliability To improve BGP network security l Message Digest 5 MD5 and keychain authentication 1 8 23 2 Configuring MD5 Authentication 2 8 23 3 Configuring Keychain Authentication l 8 23 4 Configuring BGP GTSM l Limit the n...

Page 766: ...traffic that enters an AS It is similar to the metric used by an IGP When the device running BGP receives multiple routes to the same destination address but with different next hops from different EBGP peers the route with the lowest MED is selected as the optimal route See 8 4 5 Configuring MED Attributes for BGP Routes Next_Hop BGP discards the route with an unreachable next hop address See 8 4...

Page 767: ...using the network command is preferred over a route imported using the import route command 4 Prefers a route that carries the Accumulated Interior Gateway Protocol Metric AIGP attribute l The priority of a route that carries the AIGP attribute is higher than the priority of a route that does not carry the AIGP attribute l If two routes both carry the AIGP attribute the route with a smaller AIGP a...

Page 768: ... table of that VPN instance This is called RemoteCross 9 Prefers the route with the lowest IGP metric to the BGP next hop After the bestroute igp metric ignore command is run the IGP metrics are not compared for routes during route selection NOTE Assume that load balancing is configured If the preceding rules are the same and there are multiple external routes with the same AS_Path load balancing ...

Page 769: ...mands This feature is permanently enabled on the NE80E 40E BGP load balancing is different from IGP load balancing in the following implementation methods l In IGPs if there are different routes to the same destination address an IGP calculates metrics of these routes based on its own routing algorithm and performs load balancing among the routes with the same metric l BGP does not have a routing ...

Page 770: ... function as clients The clients establish IBGP connections with the RR The RR reflects routes among the clients and therefore BGP connections do not need to be established between the clients Confederation To simplify network configurations and improve configuration efficiency by minimizing full mesh IBGP connections within an AS It divides an AS into several sub ASs A full mesh connection is est...

Page 771: ...ound route filtering ORF In addition BGP peers need to exchange BGP messages frequently To improve the efficiency of BGP message transmission you can configure path maximum transmission unit MTU auto discovery Table 8 4 shows solutions to suppressing route flapping and improving the efficiency of route transmission Table 8 4 Solutions to suppressing route flapping and improving the efficiency of r...

Page 772: ...re filtered by the export policy Therefore only routes that peers need are advertised to peers Currently only IP prefix list based export policies are supported BGP path MTU auto discovery To improve the efficiency of BGP message transmission Path MTU auto discovery discovers the smallest MTU on a path for the Transmission Control Protocol TCP to transmit BGP messages This feature prevents BGP mes...

Page 773: ... delete the direct EBGP session on an interface and reset the EBGP session on another interface Rapid EBGP connection reset is applicable to EBGP peers only BGP peer tracking To adjust BGP route convergence speed BGP peer tracking can speed up BGP route convergence by adjusting the interval between peer unreachability discovery and connection interruption Bidirectional forwarding detection BFD for...

Page 774: ...response may increase the volume of traffic lost during a link failure because link switching is not possible in this case Improving BGP Network Reliability As the society develops services such as Internet Protocol television IPTV voice video and real time conferencing require higher network reliability Table 8 6 lists solutions to improving network reliability Table 8 6 Solutions to improving ne...

Page 775: ...he system can switch the traffic immediately to the standby link This process is irrelevant to route convergence Therefore services are interrupted only for a short period of time In most cases BFD for BGP and BGP Auto FRR are used together BGP Auto FRR takes effect based on the BFD detection result Graceful restart GR To avoid traffic interruption in case of a BGP restart When BGP restarts the pe...

Page 776: ...depend on or affect the remote peer and there is no communication failure arising from NSR NSR is enabled by default Improving BGP Network Security In most cases different ASs are under different technical administrations and therefore do not fully trust each other To improve BGP network security the following solutions are available as listed in Table 8 7 HUAWEI NetEngine80E 40E Router Configurat...

Page 777: ...rd and encryption algorithms BGP MD5 authentication and BGP keychain authentication are mutually exclusive BGP keychain authentication ensures higher security than BGP MD5 authentication l The MD5 algorithm is easy to configure and generates a single password which can only be changed manually MD5 authentication applies to the network requiring short period encryption l The keychain algorithm is c...

Page 778: ...rotocols such as IPv6 is limited To support multiple network layer protocols the Internet Engineering Task Force IETF extends BGP 4 to MP BGP RFC 2858 defines the MP BGP standard The devices can communicate with each other irrespective of whether they support MP BGP BGP uses address families to distinguish different network layer protocols For the values of address families refer to RFC 1700 Assig...

Page 779: ... that routes match the import or export policy l If integral 4 byte AS numbers are configured you must change 4 byte AS numbers in AS_Path regular expressions and extended community attribute filters to integral 4 byte AS numbers l If 4 byte AS numbers in dotted notation are configured you must change 4 byte AS numbers in AS_Path regular expressions and extended community attribute filters to 4 by...

Page 780: ...28 29 0 00 26 51 Established 0 10 1 2 2 4 65001 2 2 0 00 00 36 Established 0 The following is an example of running the display bgp routing table command after the as notation plain command is run In this example the AS number in the AS_Path regular expression is an integer 65537 and the corresponding information is displayed HUAWEI display bgp routing table regular expression 65537 BGP Local rout...

Page 781: ...peer relationships Devices can exchange BGP routing information only after they are configured as peers and establish peer relationships l Import routes BGP itself cannot discover routes Instead it imports routes discovered by other protocols to implement communication between ASs NOTE The commands in the BGP IPv4 unicast address family view can be run in the BGP view These commands are described ...

Page 782: ... the router ID in the system view as the router ID of BGP For the rule for selecting a router ID in the system view see the router id command End 8 3 3 Configuring BGP Peers Two devices can exchange BGP routing information only after a peer relationship is establishsd between them Context Because BGP uses TCP connections you need to specify IP addresses for peers when configuring BGP Two BGP peers...

Page 783: ...terface that is directly connected to the peer as the local interface of a TCP connection NOTE When loopback interfaces are used to establish a BGP connection run the peer connect interface command at both ends of the connection to ensure that the connection is correctly established If this command is run on only one end the BGP connection may fail to be established 5 Optional Run peer ipv4 addres...

Page 784: ...4 address ebgp max hop hop count The maximum number of hops is configured for an EBGP connection By default a direct physical link must be available between EBGP peers If such a link does not exist run the peer ebgp max hop command to allow EBGP peers to establish a TCP connection over multiple hops If hop count is not specified in the peer ebgp max hop command 255 is used as the maximum number of...

Page 785: ... unicast address family view is displayed By default the BGP IPv4 unicast address family view is displayed 4 Run import route protocol process id med med route policy route policy name BGP is configured to import routes from other protocols By configuring the parameter med you can set Multi_Exit Discriminator MED values for the imported routes The EBGP peer selects the route with the smallest MED ...

Page 786: ...ised more flexibly NOTE l The destination address and mask specified in the network command must be consistent with those of the corresponding entry in the local IP routing table Otherwise the specified route cannot be advertised l When using the undo network command to clear the existing configuration specify a correct mask End 8 3 5 Checking the Configurations After basic BGP functions are confi...

Page 787: ...butes Configuring route attributes can change route selection results 8 4 1 Before You Start Before configuring BGP route attributes familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the data required for the configuration Applicable Environment BGP has many route attributes You can change route selection results by configuring attributes for routes Route...

Page 788: ...GP Functions Data Preparation To configure BGP route attributes you need the following data No Data 1 AS number 2 BGP preference value 3 Local_Pref value 4 MED value 8 4 2 Configuring the BGP Preference Setting the BGP preference can affect route selection between BGP routes and other routing protocols routes Context Multiple dynamic routing protocols can be run on a device at the same time In thi...

Page 789: ...three types of routes In addition a routing policy can also be used to set the preferences for the routes that match the policy The routes that do not match the policy use the default preference NOTE At present the peer route policy command cannot be used to set the BGP preference End 8 4 3 Configuring Preferred Values for BGP Routes After preferred values are set for BGP routes the route with the...

Page 790: ... displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run ipv4 family unicast The IPv4 unicast address family view is displayed Step 4 Run default local preference preference A default Local_Pref attribute is set for the local device End 8 4 5 Configuring MED Attributes for BGP Routes The Multi_Exit Discriminator MED attribute equals a metric used in an IGP The M...

Page 791: ...D values of the routes from different ASs 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run ipv4 family unicast The IPv4 unicast address family view is displayed 4 Run compare different as med The MED values of routes from different ASs are compared By default the BGP device compares the MED values of only routes from different p...

Page 792: ... determine the final optimal route This route selection mode allows the route selection result to be independent of the sequence in which routes are received l Configure the method used by BGP to handle the situation where a route has no MED attribute during route selection 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run ipv4 f...

Page 793: ...eers this route cannot become an active route because the next hop is unreachable The relevant ASBR must be configured to change the next hop address of the route to the ASBR s own IP address before the ASBR advertises the route to an IBGP peer The route is active on the IBGP peer if the next hop is reachable 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot Th...

Page 794: ...y default a device changes the next hop address of a route imported from an IGP to the address of the interface connecting the device to its peer when advertising the route to an IBGP peer l Prevent a device from changing the next hop address of a route when the device advertises the route to an EBGP peer 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BG...

Page 795: ... specific conditions If a route cannot match the specified routing policy the route cannot be iterated End 8 4 7 Configuring AS_Path Attributes for Routes The AS_Path attribute is used to prevent routing loops and control route selection Procedure l Allow repeated local AS numbers BGP uses AS numbers to detect routing loops In Hub and Spoke networking if EBGP runs between a Hub PE and a Hub CE the...

Page 796: ...ew is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run ipv4 family unicast The IPv4 unicast address family view is displayed 4 Run bestroute as path ignore BGP is configured to ignore AS_Path attributes of routes during route selection l Configure a fake AS number Generally a device supports only one BGP process This means that a device supports only one AS number ...

Page 797: ...ce IPv4 address family view is displayed 4 Run peer ipv4 address group name substitute as AS number replacement is enabled l Configure the AS_Path attribute to carry only public AS numbers A route advertised by a BGP device to its peer usually carries AS numbers The AS numbers may be public or private Public AS numbers can be used on the Internet They are assigned and managed by the Internet Assig...

Page 798: ...forwarding error To enable the device to delete the private AS numbers from the AS Path attribute before sending update packets even in the preceding scenarios specify force in the command l Set the maximum number of AS numbers in the AS_Path attribute 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run as path limit as path limit ...

Page 799: ...d if you want to check the received routes again End 8 4 8 Checking the Configurations After BGP route attributes are configured you can view information about these route attributes Prerequisites The BGP route attribute configuration is complete Procedure l Run the display bgp paths as regular expression command to check information about AS_Path attributes of routes l Run the display bgp routing...

Page 800: ...GP advertises only the wanted routes after filtering routes to be advertised and modifies route attributes to direct network traffic 8 5 1 Before You Start Before configuring BGP to advertise routes familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the data required for the configuration Applicable Environment BGP is used to transmit routing information b...

Page 801: ...e policy and number of the route policy s node 8 5 2 Configuring BGP Filters BGP filters filter routes to be advertised Context BGP uses the following types of filters to filter routes l Access Control List ACL l IP Prefix List l AS_Path filter l Community filter l Extcommunity filter l Route Policy Procedure l Configure an ACL An ACL is a series of sequential rules composed of permit and deny cla...

Page 802: ...onfigured only when ipv4 address is 0 0 0 0 For example the ip ip prefix prefix1 permit 0 0 0 0 8 command filters all routes with mask length 8 while the ip ip prefix prefix1 permit 0 0 0 0 8 match network command filters all routes to the IP address range from 0 0 0 1 to 0 255 255 255 The mask length range can be specified as mask length greater equal value less equal value 32 If only greater equ...

Page 803: ...gured NOTE For details on how to use AS_Path filters see 8 25 Applying BGP AS_Path Regular Expressions l Configure a community filter A BGP community attribute is used to identify a group of routes with the same properties Routes can be classified by community attribute This facilitates route management Some AS internal routes may not need to be advertised to any other AS whereas AS external route...

Page 804: ...is used to match routes or route attributes and to change route attributes when specific conditions are met As the preceding filters can be used as matching conditions of a route policy the route policy is powerful in functions and can be used flexibly 1 Run system view The system view is displayed 2 Run route policy route policy name permit deny node node A node is configured for a route policy a...

Page 805: ...together in the same node of a route policy because the latest configuration will override the previous one To match the AS_Path attribute of BGP routes run the if match as path filter as path filter number as path filter name 1 16 command To match the community attribute of BGP routes run either of the following commands if match community filter basic comm filter num whole match adv comm filter ...

Page 806: ...ertise no export no export subconfed 1 32 additive command To set an extended community attribute route target for a route run the apply extcommunity rt as number nn 4as number nn ipv4 address nn 1 16 additive command To set the local preference for a BGP route run the apply local preference preference command To set the Origin attribute for a BGP route run the apply origin igp egp as number plain...

Page 807: ...olicy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or advertised by the system If the action specified in an ACL rule is deny a route that matches the rule will not be received or advertised by the system If a route has not matched any ACL rules the route will not be received or advertised by the syst...

Page 808: ...les all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a lar...

Page 809: ...ilter policy acl number acl name acl name export the advertised routes is filtered based on an ACL b Run quit return to the BGP view c Run quit return to the system view d Run acl number acl number1 name acl name basic number acl number2 match order auto config the basic ACL view is displayed e Run rule rule id deny permit fragment type fragment type name source source ip address source wildcard a...

Page 810: ... view d Run acl name acl name advance number acl number2 match order auto config the basic ACL view is displayed e Run rule rule id deny permit protocol source source ip address source wildcard any time range time name a rule is configured for the basic ACL When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches t...

Page 811: ...lly without tearing down any BGP connection if routing policies are changed Context After changing a BGP import policy you must reset BGP connections for the new import policy to take effect interrupting these BGP connections temporarily BGP route refresh allows the system to refresh a BGP routing table dynamically without tearing down any BGP connection if routing policies are changed l If a devi...

Page 812: ...rs outbound BGP soft reset and import triggers inbound BGP soft reset l If the device s peers do not support route refresh perform the following operations Configure the device to store all the routing updates received from its peers or peer groups 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run ipv4 family unicast The IPv4 uni...

Page 813: ...tcomm filter name command to check information about a configured extcommunity filter l Run the display bgp routing table as path filter as path filter number as path filter name command to check information about routes matching a specified AS_Path filter l Run the display bgp routing table community filter community filter name basic community filter number whole match advanced community filter ...

Page 814: ...e configuration Applicable Environment BGP is used to transmit routing information between ASs Route reception directly affects traffic forwarding The BGP device may receive routes to the same destination from different BGP peers To control traffic forwarding paths the device needs to filter the received BGP routes The device may be attacked and receive a large number of routes from its BGP peers ...

Page 815: ...osed of permit and deny clauses These rules are described based on source addresses destination addresses and port numbers of packets ACL rules are used to classify packets After ACL rules are applied to a device the device permits or denies packets based on the ACL rules For details on ACL configurations see the HUAWEI NetEngine80E 40E Router Configuration Guide IP Services An ACL can be used as ...

Page 816: ...d by its name and each IP prefix list can contain multiple entries Each entry is identified by an index number and can specify a matching range in the form of a network prefix uniquely An IPv4 prefix list named abcd is used as an example ip ip prefix abcd index 10 permit 1 0 0 0 8 ip ip prefix abcd index 20 permit 2 0 0 0 8 During route matching the system checks the entries by index number in asc...

Page 817: ...routes have different prefixes as a result an IP prefix list is inapplicable and may come from different ASs as a result an AS_Path filter is inapplicable You can set a community attribute value for these AS internal routes and another community attribute value for these AS external routes on an ASBR to control and filter these routes 1 Run system view The system view is displayed 2 Run ip communi...

Page 818: ...ute policy route policy example permit node 10 command specifies node 10 and the route policy route policy example deny node 20 command specifies node 20 The two nodes belong to the route policy specified by route policy example The relationship between the nodes of a route policy is OR The details are as follows If a route matches one node the route matches the route policy and will not be matche...

Page 819: ...xtcomm filter num adv extcomm filter num 1 16 basic extcomm filter name advanced extcomm filter name command The operations in Step 3 can be performed in any order A node may have multiple if match clauses or no if match clause NOTE The relationship between the if match clauses in a node of a route policy is AND A route must match all the rules before the action defined by the apply clause is take...

Page 820: ...eference preference command To set the Origin attribute for a BGP route run the apply origin igp egp as number plain as number dot incomplete command To set a preferred value for a BGP route run the apply preferred value preferred value command To set dampening parameters for an EBGP route run the apply dampening half life reach reuse suppress ceiling command The operations in Step 4 can be perfor...

Page 821: ...a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configurat...

Page 822: ...tered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smalle...

Page 823: ... used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or advertised by the system If the action specified in an ACL rule is deny a route that matches the rule will not be received or advertised by the system If a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain ...

Page 824: ...ng the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can...

Page 825: ...set The command provides the limit on the number of received routes based on peers You can configure specific parameters as required to control BGP after the number of the routes received from a peer exceeds the threshold alert only The peer relationship is kept No route is received after the number of received routes exceeds the threshold and an alarm is generated and recorded in the log idle for...

Page 826: ...ng updates received from the peer so that the device can refresh its routing table without closing the connection with the peer Procedure l If the device s peers support route refresh perform the following operations 1 Optional Enable route refresh a Run system view The system view is displayed b Run bgp as number plain as number dot The BGP view is displayed c Run peer ipv4 address group name cap...

Page 827: ...d import policy After this command is used all routing updates sent by a specified peer or peer group are stored regardless of whether an import policy is used When the local routing policy changes the information can be used to regenerate BGP routes again NOTE This command must be run on the local device and its peers If the peer keep all routes command is run on the device for the first time the...

Page 828: ...ified peer and match the routing policy End Example After an AS_Path filter is configured run the display ip community filter basic comm filter num adv comm filter num comm filter name command in the system view to view information about the configured AS_Path filter Run the display bgp routing table peer ipv4 address accepted routes command to view information about the routes that are received b...

Page 829: ...dress mask is greater than or equal to the next hop address mask l If you perform bitwise AND operations on the destination address mask with the destination address and next hop address respectively the calculated network addresses are different However if you perform bitwise AND operations on the next hop address mask with the destination address and next hop address respectively the calculated ...

Page 830: ... is 1 1 1 2 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 1 Network NextHop MED LocPrf PrefVal Path Ogn i 1 1 1 1 32 1 1 1 1 0 100 0 Run the display bgp routing table network command to view information about a specified BGP supernet unicast route advertised to BGP peers HUAWEI display bgp routing table 1 1 1 1 BGP l...

Page 831: ...n you can apply various routing policies and set route attributes Pre configuration Tasks Before configuring BGP route aggregation complete the following task l Configuring Basic BGP Functions Procedure l Configure automatic route aggregation 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run ipv4 family unicast The IPv4 unicast a...

Page 832: ...ertised The peer route policy command can also be used to filter out the routes not to be advertised to peers After origin policy is used only the routes matching route policy are aggregated attribute policy is used to set attributes for an aggregated route If the AS_Path attribute is set in the policy using the apply as path command and as set is set in the aggregate command the AS_Path attribute...

Page 833: ...h the same configurations Configuring BGP peer groups simplifies peer management and improves the route advertisement efficiency Based on the ASs where peers reside peer groups are classified as follows l IBGP peer group The peers of an IBGP peer group are in the same AS l Pure EBGP peer group The peers of a pure EBGP peer group are in the same external AS l Mixed EBGP peer group The peers of a mi...

Page 834: ...l device has not established a peer relationship with this peer the device will attempt to establish a peer relationship with this peer and set the AS number of this peer to the AS number of the peer group When creating an IBGP peer group you do not need to specify the AS number After configuring a peer group you can configure BGP functions for the peer group By default all peers in a peer group i...

Page 835: ...h a peer relationship with this peer and set the AS number of this peer to the AS number of the peer group After configuring a peer group you can configure BGP functions for the peer group By default all peers in a peer group inherit the entire configuration of the peer group The inherited configuration can be overridden if you directly configure commands for the peer End 8 9 4 Creating Mixed EBGP...

Page 836: ... you can view information about BGP peers and BGP peer groups Prerequisites The BGP peer group configurations have been configured Procedure l Run the display bgp peer ipv4 address verbose command to check detailed information about BGP peers l Run the display bgp group group name command to check information about BGP peer groups NOTE This command is applied only to devices on which BGP peer grou...

Page 837: ...a route sent between IBGP peers within an AS This may cause a route loop To prevent this problem the BGP standard defines that a BGP device is prohibited from advertising any route that received from another IBGP peer Full mesh connections then must be created between IBGP peers to ensure the connectivity between them If many IBGP peers exists the overhead will be large and the configuration workl...

Page 838: ...ertises learned routes to its clients and non clients following the rules described below l After learning routes from non clients the RR advertises the routes to all clients l After learning routes from clients the RR advertises the routes to all non clients and clients In addition the RR advertises learned EBGP routes to all non clients and clients It is easy to configure an RR The RR functional...

Page 839: ...the RR that is running BGP Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run ipv4 family unicast The IPv4 unicast address family view is displayed Step 4 Run undo reflect between clients Route reflection is disabled between clients If the clients of an RR have established full mesh connections with each o...

Page 840: ...client RR2 l RR2 advertises it to its clients and non client RR1 As a result a route loop occurs between RR1 and RR2 To address this problem configure all routers on the network shown in Figure 8 2 into the same cluster and assign them the same cluster ID After the configuration is complete if Client1 receives an updated route from an EBGP peer it uses IBGP to advertise this route to RR1 and RR2 l...

Page 841: ...rom being forwarded by the RR improving route advertisement efficiency Context Usually BGP routes are delivered to the IP routing table on the router to guide traffic forwarding If the router does not need to forward traffic disable BGP route delivery to the IP routing table on the router BGP route delivery to the IP routing table is generally disabled on RRs An RR transmits routes and forwards tr...

Page 842: ...r RR to modify the route attributes using the export policy to change route selection results of the BGP Context According to RFC 4456 the route attributes on the RR cannot be modified using the export policy This is because it may cause route loops By default the RR is disabled from modifying the route attributes using the export policy But if you need to re plan the network traffic you can enabl...

Page 843: ...tended community attributes of BGP routes NOTE After the reflect change path attribute command is run on the RR the peer route policy export command takes precedence over the peer next hop invariable and peer next hop local commands End 8 10 7 Checking the Configurations After configuring BGP RRs you can view BGP RR configurations and routing information transmitted by BGP Prerequisites All BGP RR...

Page 844: ...2 03 06 19 17 43 UTC 08 00 Last update sent 2012 03 06 19 17 37 UTC 08 00 Minimum route advertisement interval is 15 seconds Optional capabilities Route refresh capability has been enabled 4 byte as capability has been enabled It s route reflector client Peer Preferred Value 0 Routing policy configured No routing policy is configured NOTE The message of It s route reflector client will be displaye...

Page 845: ...s of the confederation are configured The confederation id and confederation peer as commands must be run on all the EBGP peers in the same confederation and the same confederation ID must be set for these EBGP peers NOTE An old speaker that has a 2 byte AS number cannot be in the same confederation with a new speaker that has a 4 byte AS number Otherwise a routing loop may occur This is because t...

Page 846: ...path 100 origin igp MED 0 localpref 100 pref val 0 valid internal confed best select active pre 255 Not advertised to any peer yet 8 12 Configuring BGP Community Attributes Community attributes are used to simplify routing policy management 8 12 1 Before You Start Before configuring BGP community attributes familiarize yourself with the usage scenario complete the pre configuration tasks and obtai...

Page 847: ...atch clauses for a routing policy Community attributes can be added only to the routes that pass the filtering and the community attributes of only the routes that pass the filtering can be modified For configuration details see Optional Configuring if match Clauses Step 4 Configure community or extended community attributes for BGP routes l Run apply community community number aa nn internet no a...

Page 848: ...ributes to the peer group l To configure the BGP device to send a standard community attribute to its peer or peer group run peer ipv4 address group name advertise community l To advertise an extended community attribute to a specified peer or peer group perform the following steps 1 Run the peer ipv4 address group name advertise ext community command to advertise an extended community attribute t...

Page 849: ...GP community attributes End Example Run the display bgp routing table community command to view the routes carrying specified BGP community attributes HUAWEI display bgp routing table community BGP Local router ID is 1 1 1 2 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Network NextHop MED LocPrf PrefVal Community 1 1 1 0 24 1 1 1 1 0 0 no...

Page 850: ...e to filter routes before sending these routes It is unnecessary for the local device to provide a separate export policy for each BGP peer As a result the loads of the two communication devices network bandwidth consumption and configuration workload are reduced NOTE Currently only prefix based export policies are supported Pre configuration Tasks Before configuring prefix based BGP ORF complete ...

Page 851: ...r group NOTE This step is performed only on the receiving device An IP prefix list specified by ip prefix name must have been configured Otherwise route filtering cannot be implemented For details on IPv4 prefix list configurations see 10 2 2 Configuring an IPv4 Prefix List End Checking the Configurations After prefix based BGP ORF is configured you can run the following commands to check the prev...

Page 852: ...t 2012 03 06 19 17 37 UTC 8 00 Minimum route advertisement interval is 30 seconds Optional capabilities Route refresh capability has been enabled Outbound route filter capability has been enabled Enable Address Prefix IPv4 UNC address family rfc compatible both 4 byte as capability has been enabled Multi hop ebgp has been enabled Peer Preferred Value 0 Routing policy configured No import update fi...

Page 853: ...nection establishment If a BGP peer flaps constantly the ConnectRetry interval can be increased to suppress route flapping caused by BGP peer flapping which speeds up route convergence l BGP Keepalive and hold timers BGP uses Keepalive messages to maintain BGP peer relationships and monitor connection status After establishing a BGP connection two peers send Keepalive messages periodically to each...

Page 854: ... control the speed at which BGP peer relationships are established by changing the BGP ConnectRetry timer value Context After BGP initiates a TCP connection the ConnectRetry timer will be stopped if the TCP connection is established successfully If the first attempt to establish a TCP connection fails BGP tries again to establish the TCP connection after the ConnectRetry timer expires l Setting a ...

Page 855: ...eer or peer group By default the ConnectRetry timer value is 32s The ConnectRetry timer configured for a peer or peer group takes precedence over that configured for all peers or peer groups End 8 14 3 Configuring BGP Keepalive and Hold Timers The values of BGP Keepalive and hold timers determine the speed at which BGP detects network faults You can adjust the values of these timers to improve net...

Page 856: ...ce over those configured for the peer group of this peer In addition Keepalive and hold timers configured for a specific peer or peer group take precedence over those configured for all peers or peer groups Procedure l Configure BGP timers for all peers or peer groups Perform the following steps on a BGP router 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot ...

Page 857: ...e and hold time negotiated between two BGP peers remain unchanged the established peer relationship is not affected Only when the local device attempts to re establish a relationship with a remote device the value of min holdtime configured on the local device takes effect The local device compares min holdtime with hold time sent from the remote device If the value of min holdtime exceeds that of...

Page 858: ...equently to prevent the router from sending Update messages upon every change set the interval at which Update messages are sent Perform the following steps on a BGP router Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run peer ipv4 address group name route update interval interval A MinRouteAdvertisement...

Page 859: ...ges to allow the device to update BGP routes in the IP routing table gradually This configuration prevents BGP from occupying the CPU resource of other protocols reduces CPU loads and ensures device reliability Pre configuration Tasks Before configuring the rate at which BGP updates routes in response to non critical iteration changes configure basic BGP functions Data Preparation To configure the...

Page 860: ... interface flapping End 8 14 6 Disabling Fast Reset of EBGP Connections Disabling rapid EBGP connection reset can prevent repeated reestablishment and deletion of EBGP sessions in the event of route flapping This speeds up BGP network convergence Context Rapid EBGP connection reset is enabled by default This allows BGP to immediately respond to a fault on an interface and delete the direct EBGP se...

Page 861: ...BFD however needs to be configured on the entire network and has poor extensibility If BFD cannot be deployed on a device to detect BGP peer relationship status BGP peer tracking can be enabled on the device to quickly detect link or peer unreachability implementing rapid network convergence Perform the following steps on a BGP router Procedure Step 1 Run system view The system view is displayed S...

Page 862: ... GR time Otherwise the BGP peer relationship will be interrupted before the GR time expires As a result GR becomes invalid End 8 14 8 Checking the Configurations After the BGP network convergence speed is adjusted you can view information about BGP peers and peer groups Prerequisites Adjusting the BGP network convergence speed has been configured Procedure l Run the display bgp peer verbose comman...

Page 863: ...o routing policy is configured Tracking has been enabled and the delay is 50s NOTE Tracking has been enabled and the delay is 50s is displayed only when the display bgp peer verbose command is run on the router enabled with BGP tracking 8 15 Configuring BGP Route Dampening BGP route dampening can be configured to suppress unstable routes Applicable Environment The main cause of route instability i...

Page 864: ...P route dampening parameters are set NOTE The dampening command takes effect only for EBGP routes When you configure BGP route dampening the values of reuse suppress and ceiling should meet the relationship of reuse suppress ceiling If routes are differentiated based on policies and the dampening command is run to reference a route policy BGP can use different route dampening parameters to suppres...

Page 865: ... 223 1 41 247 01 06 25 65534 4837 174 11096 6356i d 9 17 79 0 24 223 1 41 247 01 06 25 65534 837 3356 23504 29777i d 9 17 110 0 24 223 1 41 247 01 06 25 65534 837 3356 23504 29777i d 61 57 144 0 20 223 1 41 247 01 06 25 65534 4837 10026 9924 18429 18429i d 63 76 216 0 24 223 1 41 247 01 06 25 65534 4837 701 26959i d 63 78 142 0 24 223 1 41 247 01 06 25 65534 4837 701 26959i d 63 115 136 0 23 223 1...

Page 866: ...blished a BGP peer relationship Router B has imported routes to network segments 20 1 1 0 24 20 2 1 0 24 and 20 3 1 0 24 to its BGP routing table Router A needs to learn these routes from Router B To reduce the consumption of memory resources of Router A and bandwidth used by Router B for sending routing information to Router A configure Router B to send a default route to its peer Router A and us...

Page 867: ...local address as the next hop address to a specified peer regardless of whether there is a default route in the routing table End Checking the Configurations After a BGP device is configured to send a default route to a peer you can check whether the configuration is correct l Run the display bgp routing table ipv4 address mask mask length command on a peer to check information about a received BG...

Page 868: ...ancing In this method multiple equal cost routes need to be configured for traffic load balancing NOTE Equal cost BGP routes can be generated for traffic load balancing only when the first9 route attributes described in Principles of Route Selection in BGP Features Supported by the NE80E 40E are the same and the AS_Path attributes are also the same Pre configuration Tasks Before configuring BGP lo...

Page 869: ...carry out load balancing If the optimal routes are EBGP routes only EBGP routes carry out load balancing This means that load balancing cannot be implemented among IBGP and EBGP routes with the same destination address 5 Optional Run maximum load balancing ebgp ibgp number The device has been configured whether to change the next hop addresses of the routes to be advertised to a local address If y...

Page 870: ...or load balancing This configuration is used in a VPN where a CE is dual homed to two PEs When the CE and one PE belong to an AS and the CE and the other PE belong to a different AS you can set the number of EBGP and IBGP routes to be used for load balancing This allows VPN traffic to be balanced among EBGP and IBGP routes 1 Run system view The system view is displayed 2 Run bgp as number plain as...

Page 871: ...d BGP routes exist which improves network bandwidth utilization 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Optional Run ipv4 family unicast The BGP IPv4 unicast address family view is displayed 4 Run maximum load balancing ingress lsp number The maximum number of labeled BGP routes is set for load balancing By default the maxi...

Page 872: ...0 0 10 3 1 1 32 Direct 0 0 D 127 0 0 1 GigabitEthernet3 0 0 Exception Handling After the maximum load balancing number command is run on a device the device changes the next hop addresses of the routes received from EBGP peers to the IP address used by the device to establish a peer relationship with an IBGP peer Then the device advertises the routes to the IBGP peer In Figure 8 4 Router B is an E...

Page 873: ...h data packets are forwarded In Figure 8 4 if you want to keep the next hop addresses of the routes received from Router D before Router B sends them to Router C configure import and export routing policies on Router B First configure an import routing policy on Router B to apply a community attribute to routes received from Router D Second configure an export routing policy with the community att...

Page 874: ...tion between the two ends of the path and is called the path MTU The path MTU varies with the selected route and therefore may change In addition path MTUs in the inbound and outbound directions may be inconsistent The path MTU auto discovery function is used to find the smallest MTU on the path from the source to the destination The path MTU will be used as a basis for IP datagram fragmentation w...

Page 875: ...ew is displayed Step 3 Run peer group name ipv4 address path mtu auto discovery Path MTU auto discovery is enabled By default path MTU auto discovery is disabled After the command is run a BGP peer learns the path MTU preventing BGP messages to be fragmented during transmission NOTE The transmit and receive paths between two BGP peers may be different Therefore running this command on both ends is...

Page 876: ...ype IBGP link BGP version 4 Remote router ID 4 4 4 4 Update group ID 1 BGP current state Established Up for 1d00h25m21s BGP current event KATimerExpired BGP last state OpenConfirm BGP Peer Up count 1 Received total routes 0 Received active routes total 0 Advertised total routes 0 Port Local 179 Remote 50450 Configured Connect retry Time 32 sec Configured Active Hold Time 180 sec Keepalive Time 60 ...

Page 877: ... route to CE1 After the route exchange CE1 and CE2 can communicate If PE1 fails PE3 detects that the next hop is unreachable and instructs CE1 to delete the route to CE2 Traffic is interrupted After BGP route convergence is complete the RR selects the route advertised by PE2 and sends a route update message to PE3 PE3 then advertises this route to CE1 and traffic forwarding is restored to the norm...

Page 878: ...e configuring the BGP next hop delayed response complete the following task l Configuring Basic BGP Functions Data Preparation To configure the BGP next hop delayed response you need the following data No Data 1 Delay in responding to changes of the next hop Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 S...

Page 879: ...hop recursive lookup non critical event delay command must be greater than or equal to that specified in the nexthop recursive lookup delay command if both commands are run End Checking the Configurations After configuring the BGP next hop delayed response you can run the following command to check the previous configuration l Run the display current configuration configuration bgp include nexthop...

Page 880: ...zes traffic loss Pre configuration Tasks Before configuring BFD for BGP configure basic BGP functions Data Preparation To configure BFD for BGP you need the following data No Data 1 IP address of the BGP peer or name of the peer group for which BFD needs to be configured 2 BFD parameters including the minimum and maximum intervals for receiving BFD packets Wait to Restore WTR time of a BFD session...

Page 881: ...iplier For example l On the local device the configured interval for transmitting BFD packets is 200 ms the interval for receiving BFD packets is 300 ms and the detection multiplier is 4 l On the peer device the configured interval for transmitting BFD packets is 100 ms the interval for receiving BFD packets is 600 ms and the detection multiplier is 5 Then l On the local device the actual interval...

Page 882: ... is automatically deleted End Checking the Configurations After configuring BFD for BGP you can run the following command to check the configurations l Run the display bgp bfd session vpnv4 vpn instance vpn instance name peer ipv4 address all command to check information about the BFD session between BGP peers View information about the BFD session between BGP peers HUAWEI display bgp bfd session ...

Page 883: ... and delivers the backup forwarding entries to the FIB table If the primary link fails the router switches traffic to the backup link immediately The switchover completes within sub seconds because it does not depend on route convergence Pre configuration Tasks Before configuring BGP Auto FRR configure basic BGP Functions Data Preparation To configure BGP Auto FRR you need the following data No Da...

Page 884: ...he device on which FRR is configured l In the BGP view or BGP IPv4 unicast address family view of the intermediate device on the primary path run peer group name ipv4 address out delay delay value A delay for sending Update packets is configured An appropriate delay ensures that traffic switches back to the primary path after the intermediate device on the primary path completes refreshing forward...

Page 885: ...at 10 2 1 2 is the backup next hop HUAWEI display ip routing table 4 4 4 4 32 verbose Route Flags R relay D download to fib Routing Table Public Summary Count 1 Destination 4 4 4 4 32 Protocol EBGP Process ID 0 Preference 255 Cost 80 NextHop 10 1 1 2 Neighbour 10 1 1 2 State Active Adv Age 00h05m41s Tag 0 Priority low Label NULL QoSInfo 0x0 IndirectID 0x2 RelayNextHop 0 0 0 0 Interface Pos1 0 0 Tu...

Page 886: ... sessions and instances Context A GR capable device can establish GR sessions with a GR capable neighbor By controlling the session negotiation mechanism of BGP the GR restarter and the GR helper can understand each other s GR capability When detecting the restart of the GR restarter the GR helper does not delete the routing and forwarding entries related to the GR restarter but waits to re establ...

Page 887: ...GR time is the period of time during which the GR helper retains the forwarding information after having found the GR restarter Down If the GR helper finds that the GR restarter goes Down the GR helper keeps the topology information or routes learned from the GR restarter till the GR time expires Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number...

Page 888: ...te OpenConfirm BGP Peer Up count 2 Received total routes 0 Received active routes total 0 Advertised total routes 1 Port Local 179 Remote 52510 Configured Active Hold Time 180 sec Keepalive Time 60 sec Received Active Hold Time 180 sec Negotiated Active Hold Time 180 sec Keepalive Time 60 sec Peer optional capabilities Peer supports bgp multi protocol extension Peer supports bgp route refresh capa...

Page 889: ...CP as the transport protocol and considers a packet valid as long as the source address destination address source port destination port and TCP sequence number of the packet are correct Most parameters in a packet can be easily obtained by attackers To protect BGP against attacks MD5 authentication can be used during TCP connection establishment between BGP peers to reduce the possibility of atta...

Page 890: ... Pre configuration Tasks Before configuring BGP security complete the following task l Configuring Basic BGP Functions Data Preparation To configure BGP security you need the following data No Data 1 Each router s peer address or peer group name 2 MD5 authentication password 3 Keychain authentication name 8 23 2 Configuring MD5 Authentication In BGP MD5 authentication sets an MD5 authentication pa...

Page 891: ...on on both peers must be the same This allows the peers to establish a TCP connection to exchange BGP packets Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run peer ipv4 address group name keychain keychain name Keychain authentication is configured Keychain authentication needs to be configured on two de...

Page 892: ...y use the same TCP connection l GSTM is exclusive with EBGP MAX HOP therefore you can enable only one of them on the same peer or the peer group An interface board of a BGP device enabled with GTSM checks the TTL values in all received BGP packets In actual networking packets with the TTL values out of a specified range are either allowed to pass or discarded by GTSM When the default action of GTS...

Page 893: ...Run the display bgp peer ipv4 address verbose command to view detailed information about MD5 authentication on BGP peers For example HUAWEI display bgp peer 10 1 1 2 verbose BGP Peer is 10 1 1 2 remote AS 65008 Type EBGP link BGP version 4 Remote router ID 1 1 1 1 Update group ID 2 BGP current state Established Up for 00h02m00s BGP current event KATimerExpired BGP last state OpenConfirm BGP Peer U...

Page 894: ...Up count 4 Received Total 0 messages Update messages 1 Open messages 1 KeepAlive messages 1 Notification messages 0 Refresh messages 0 Sent Total 0 messages Update messages 1 Open messages 1 KeepAlive messages 1 Notification messages 0 Refresh messages 0 Authentication type configured Keychain key Last keepalive received 2012 03 06 19 17 37 UTC 8 00 Last keepalive sent 2012 03 06 19 17 37 UTC 8 00...

Page 895: ... received 2012 03 06 19 17 37 UTC 8 00 Last keepalive sent 2012 03 06 19 17 37 UTC 8 00 Last update received 2012 03 06 19 17 43 UTC 8 00 Last update sent 2012 03 06 19 17 37 UTC 8 00 Minimum route advertisement interval is 30 seconds Optional capabilities Route refresh capability has been enabled 4 byte as capability has been enabled GTSM has been enabled valid ttl hops 210 Peer Preferred Value 0...

Page 896: ... to multiple UPEs in most cases and it is complex to disable the BGP IPv4 unicast address family on all UPEs one by one To address this problem disable the BGP IPv4 unicast address family in the BGP view Pre configuration Task Before you disable the BGP IPv4 unicast address family configure link layer protocol parameters and IP addresses for interfaces to ensure that the link layer protocol of eac...

Page 897: ...ithout an order all the numbers of the ASs through which a route passes from the local device to the destination In most cases AS_Set is used after route summarization because BGP speakers do not know the actual sequence of ASs through which the specific routes pass During route selection a router considers that AS_Set carries only one AS number regardless of the actual number of ASs l AS_Confed_S...

Page 898: ...ath examples that 65 matches 65 655 6559 65259 and 65529 l AS_Path examples that 65 does not match 56 556 5669 55269 56259 and 56259 Matches any AS_Path with characters on either side of the vertical bar 100 65002 65003 matches 100 65002 or 65003 Matches AS_Paths beginning with the characters that follow the caret 65 matches AS_Paths beginning with 65 l AS_Path examples that 65 matches 65 651 6501...

Page 899: ...in the range specified in the brackets 2 4 matches AS_Paths without 2 3 or 4 and 0 9 matches AS_Paths without numbers from 0 to 9 _ Matches AS_Paths with a sign such as a comma left brace right brace left parenthesis right parenthesis or space The underscore _ can be used at the beginning of a regular expression with the same function as the caret or at the end of a regular expression with the sam...

Page 900: ...cifically _65004 matches AS_Confed_Sequences with 65004 as the rightmost AS number the number of the first AS through which a route passes or the routes that originate in AS 65004 _65004 and 65004 have the same function Multiple rules permit or deny can be specified in a filter The relationship between theses rules is OR which means that if a route meets one of the matching rules the route matches...

Page 901: ...2 2 8 32 10 1 2 2 0 0 65011i 10 1 1 2 0 65001 65011i 2 2 2 9 32 10 1 1 2 0 65001 65101i 10 1 2 2 0 65011 65101i 3 3 3 9 32 10 1 1 2 0 65001 65101 300i 10 1 2 2 0 65011 65101 300i Case 1 Configure an AS_Path filter named s1 and allow Router A to accept only routes that originate in AS 300 RouterA ip as path filter s1 permit _300 RouterA display bgp routing table as path filter s1 BGP Local router I...

Page 902: ...nfigure an AS_Path filter named s3 and allow Router A to discard routes that pass through AS 65101 RouterA ip as path filter s3 deny _65101_ RouterA ip as path filter s3 permit RouterA display bgp routing table as path filter s3 BGP Local router ID is 189 6 2 2 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 5 Network ...

Page 903: ... S Stale Origin i IGP e EGP incomplete Total Number of Routes 1 Network NextHop MED LocPrf PrefVal Path Ogn 1 1 1 9 32 0 0 0 0 0 0 i The preceding command output shows that the BGP routing table contains only locally generated routes Case 6 Configure an AS_Path filter named s6 and allow Router A to accept routes that originate in AS 300 and pass through AS 65001 RouterA ip as path filter s6 permit...

Page 904: ... 189 6 2 2 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 3 Network NextHop MED LocPrf PrefVal Path Ogn 1 1 1 9 32 0 0 0 0 0 0 i 2 2 2 0 27 10 1 1 2 0 65001 65101 i 3 3 3 9 32 10 1 1 2 0 65001 65101 300i The preceding command output shows that the BGP routing table contains all routes except those that pass through AS...

Page 905: ... and the routes carrying an AS_Sequence with 300 In this case the ip as path filter s9 permit 65011 65101 and ip as path filters9 permit 300 commands can be replaced with the ip as path filter s9 permit 65011 65101 300 command RouterA ip as path filter s9 permit 65011 65101 300 RouterA display bgp routing table as path filter s9 BGP Local router ID is 189 6 2 2 Status codes valid best d damped h h...

Page 906: ... 1 2 0 100 0 65001 i i 10 1 3 1 0 100 0 65011 65001 i i 2 2 2 8 32 10 1 2 2 0 100 0 65011 i i 10 1 3 2 0 100 0 65001 65011 i i 2 2 2 9 32 10 1 4 2 0 100 0 65001 65101 i i 10 1 5 2 0 100 0 65011 65101 i i 3 3 3 9 32 10 1 6 2 0 100 0 65001 65101 300i i 10 1 6 2 0 100 0 65011 65001 65101 300i Case 10 Configure an AS_Path filter named s10 and allow Router A to discard routes advertised by peers in AS ...

Page 907: ... Total Number of Routes 5 Network NextHop MED LocPrf PrefVal Path Ogn 1 1 1 9 32 0 0 0 0 0 0 i i 2 2 2 7 32 10 1 1 2 0 100 0 65001 i i 10 1 3 1 0 100 0 65011 65001 i i 2 2 2 8 32 10 1 2 2 0 100 0 65011 i i 10 1 3 2 0 100 0 65001 65011 i The preceding command output shows that the BGP routing table contains all routes except those that originate in AS 65101 Route Summarization Scenario Within a Con...

Page 908: ...route carrying an AS_Confed_Set with 65101 Case 13 Configure an AS_Path filter named s13 and allow Router B to accept only routes carrying an AS_Confed_Set in which 65011 is the rightmost AS number RouterB ip as path filter s13 permit _65011 RouterB display bgp routing table as path filter s13 Total Number of Routes 0 The preceding command output shows that the BGP routing table contains no routes...

Page 909: ...you do not want BGP to record peer status changes or event information run the undo peer log change command After you run the undo peer log change command BGP records only the last peer status change in the log file You can run the display bgp peer loginfo command to view this log Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number The BGP view is displayed Step ...

Page 910: ...ns l To validate the new configurations run the reset bgp as number plain as number dot graceful command in the user view to reset the BGP connection between the specified AS l To validate the new configurations run the reset bgp ipv4 address graceful command in the user view to reset the BGP connection between a specified peer l To validate the new configurations run the reset bgp external gracef...

Page 911: ...hows the route processing on the BGP router BGP routes can be imported from other protocols or learned from BGP peers Route summarization can be configured to reduce the routing table size before routes are selected advertised and delivered to the IP routing table Figure 8 10 Route processing on the BGP router 入口策略 Routes learned from BGP peers IP routing table Routing policy Import policy Export...

Page 912: ...GP adds the optimal route to the BGP routing table and advertises it to BGP peers 6 BGP adds the routes learned from peers and the optimal route in the BGP routing table to the IP routing table for traffic forwarding 8 27 2 BGP Route Selection Rules When multiple routes are available to the same destination BGP selects one optimal route based on BGP route selection rules and adds it to the IP rout...

Page 913: ...o Yes Yes The route with the smallest AIGP is preferred and the route with AIGP is preferred to the route without AIGP Are AIGP values the same No Yes The one with the smallest MED value is preferred Are MEDs the same No The optimal route is selected BGP selects routes by comparing route attributes in a fixed order When a route attribute is a sufficient condition for determining the optimal route ...

Page 914: ...gate command l S indicates that routes are summarized using the summary automatic command l N indicates that routes are imported using the network command l I indicates that routes are imported using the import route command l L indicates that routes are learned from BGP peers A Accumulated Interior Gateway Protocol AIGP The route with the smallest AIGP value is preferred The route with AIGP to th...

Page 915: ...r clusterlist command R Router ID The route with the smallest router ID is preferred If routes carry the Originator_ID the originator ID is substituted for the router ID during route selection The route with the smallest Originator_ID is preferred A Peer IP address The route learned from the peer with the smallest IP address is preferred Selection of the Routes for Load Balancing After BGP load ba...

Page 916: ...the common route attributes that affect route selection and the commands that are used to check them Table 8 11 Commands used to check route attributes Route Attribute Command Used to Check the Route Attribute PrefVal display bgp routing table network Local_Pref display bgp routing table network Route type display bgp routing table network AIGP display bgp routing table network AS_Path display bgp...

Page 917: ... 10 1 3 1 0 100 0 65011 65001 i i 2 2 2 8 32 10 1 2 2 0 100 0 65011 i i 10 1 3 2 0 100 0 65001 65011 i i 2 2 2 9 32 10 1 4 2 0 100 0 65001 65101 i i 10 1 5 2 0 100 0 65011 65101 i i 3 3 3 9 32 10 1 6 2 0 100 0 65001 65101 300i i 10 1 6 2 0 100 0 65011 65001 65101 300i Table 8 12 Description of the display bgp routing table command output Item Description BGP Local router ID is 1 1 1 2 Router ID 1 ...

Page 918: ...d in front of a route the route is carried in an Update packet l If h is displayed in front of a route the route is carried in a Withdraw packet The penalty value is not increased after it reaches the suppression threshold The penalty value of a suppressed route reduces by half after a half life period l When the penalty value of a route with the d sign decreases to the Reuse value the route becom...

Page 919: ...AIGP 1 Not advertised to any peer yet Table 8 13 Description of the display bgp routing table command output Item Description BGP local router ID Router ID of the local device in the same format as an IPv4 address Local AS number Local AS number Paths BGP route information BGP routing table entry information of 10 1 1 1 32 Information about the BGP route 10 1 1 1 32 From IP address of the device t...

Page 920: ...is marked with best In load balancing or FRR scenarios more than one route needs to be added to the IP routing table and each of the route is marked with select Therefore the number of the route marked with best is 1 and the number of the routes marked with select is the actual number of routes added to the IP routing table active Active route pre 255 Protocol priority of the route 255 IGP cost IG...

Page 921: ...layed In the following example an RR and a cluster are configured Therefore the Cluster_List attribute is displayed in the display bgp routing table network mask mask length longer prefixes command output HUAWEI display bgp routing table 10 2 1 0 BGP local router ID 4 4 4 4 Local AS number 65010 Paths 1 available 0 best 0 select BGP routing table entry information of 10 2 1 0 24 From 10 1 4 1 2 2 ...

Page 922: ...ute learned from an EBGP peer to its IBGP peers the ASBR does not change the Next_Hop of the route Therefore the Next_Hop address of the route remains the EBGP peer IP address After being forwarded to the IBGP peers the route cannot become active as the Next_Hop is unreachable To address this issue configure the ASBR to modify the Next_Hop of the route to the local IP address before advertising th...

Page 923: ...al PE during traffic transmission By default a device modifies the Next_Hops of routes to the local IP address before advertising the routes to EBGP peers In addition a device does not modify the Next_Hops of non labeled routes if the routes are learned from EBGP peers and are to be advertised to IBGP peers the device sets its interface IP address as the Next_Hops of labeled routes if the routes a...

Page 924: ... whose next hop addresses have been changed to the address configured in the route policy are discarded by the EBGP peers because the next hop address is unreachable When the EBGP peer relationships are established on physical connections the Next_Hops of BGP routes cannot be modified If a route policy has been specified in the import route or network command the apply clause configured for the ro...

Page 925: ...nnel is unavailable Ensure that the tunnel is correctly configured and is Up The following example shows how to obtain a reachable next hop IP address In Figure 8 12 an IBGP peer relationship is established between Router A and Router B and an EBGP peer relationship is established betweenRouter B andRouter C Router A imports the route 1 1 1 9 32 and Router C imports the route 3 3 3 9 32 Figure 8 1...

Page 926: ...Router A l Configure an IGP on Router B and Router C and configure BGP to import the route 10 1 2 1 on Router B This solution is not applicable to this specific scenario because Router B and Router C are located in different ASs l Run the import route direct command on Router B This solution is not optimal because unnecessary routes may be imported l Run the network 10 1 2 0 30 command on Router B...

Page 927: ...the PreVal value Table 8 16 Methods to modify the PreVal value Method Usage Scenario Run the peer group name ipv4 address preferred value value command This method sets a PreVal value for the routes learned from a peer or peer group Configure an import policy and run the apply preferred value preferred value command to configure an apply clause for the policy This method sets different PreVal valu...

Page 928: ...amped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 4 Network NextHop MED LocPrf PrefVal Path Ogn 10 11 0 0 16 10 1 3 2 0 200 10 1 2 2 0 300 100 10 22 0 0 16 10 1 3 2 0 200 10 1 2 2 0 300 100 The BGP routing table of Router A shows that Router A receives the routes 10 11 0 0 16 and 10 22 0 0 16 from ISP1 and ISP2 Check the information about the rout...

Page 929: ... AS_Path of the route learned from ISP2 is shorter than that of the route learned from ISP1 Therefore the route learned from ISP2 is selected as the optimal route Table 8 17 shows the route attribute comparison of the routes 10 11 0 0 16 learned from ISP1 and ISP2 Table 8 17 Route attribute comparison of the route learned from ISP1 and that learned from ISP2 Route Attribute Route Learned from ISP1...

Page 930: ...6 10 1 2 2 120 300 100 10 1 3 2 0 200 The preceding command output shows that Router A selects the routes learned from ISP1 Display detailed information about the route 10 11 0 0 16 or 10 22 0 0 16 on Router A The route 10 11 0 0 16 is used as an example RouterA display bgp routing table 10 11 0 0 BGP local router ID 10 1 2 1 Local AS number 65001 Paths 2 available 1 best 1 select BGP routing tabl...

Page 931: ... to modify the PrefVal value route policy for_isp1_in permit node 10 Define the first node of for_isp1_in and set the PrefVal value of the route 10 11 0 0 16 to 80 if match ip prefix for_isp1 apply preferred value 80 route policy for_isp1_in permit node 20 Define the second node of for_isp1_in and allow for_isp1_in to permit all routes route policy for_isp2_in permit node 10 Define the first node ...

Page 932: ...eceding command output shows that two routes 10 22 0 0 16 are available in the BGP routing table of Router A and that the route with the next hop address 10 1 3 2 is selected because its PrefVal 120 is greater than the PrefVal 0 of the route with next hop address 10 1 2 2 The PrefVal value is sufficient enough to determine the optimal route and therefore Router A does not compare other route attri...

Page 933: ...0 16 and 10 22 0 0 16 to AS 65001 Figure 8 14 Local_Pref application networking Internet 10 11 0 0 16 10 22 0 0 16 ISP1 AS 100 ISP2 AS 200 10 1 1 1 30 10 1 1 2 30 10 1 2 1 30 10 1 2 2 30 10 1 3 1 30 10 1 3 2 30 10 1 4 1 30 10 1 4 2 30 10 1 5 1 30 10 1 5 2 30 RouterA RouterB RouterC Client Network AS 65001 EBGP EBGP IBGP IBGP IBGP Scenario 1 When no Local_Pref value is configured on Router A and Ro...

Page 934: ...55 Advertised to such 2 peers 10 1 3 2 10 1 4 2 BGP routing table entry information of 10 11 0 0 16 From 10 1 3 2 192 168 2 2 Route Duration 01h42m40s Relay IP Nexthop 10 1 3 2 Relay IP Out Interface GigabitEthernet1 0 3 Original nexthop 10 1 2 1 Qos information 0x0 AS path 200 10 origin igp localpref 100 pref val 0 valid internal pre 255 not preferred for peer type Not advertised to any peer yet ...

Page 935: ... e EGP incomplete Network NextHop MED LocPrf PrefVal Path Ogn i 10 1 1 0 30 10 1 4 1 0 100 0 i i 10 1 2 0 30 10 1 5 1 0 100 0 i i 10 11 0 0 16 10 1 2 1 100 0 200 10i i 10 1 1 1 100 0 100 10i i 10 22 0 0 16 10 1 2 1 100 0 200 10i i 10 1 1 1 100 0 100 10i The preceding command output shows that Router C selects the routes advertised by Router B Check the reason why the routes learned from Router A a...

Page 936: ...0 Route attribute comparison of the routes 10 11 0 0 16 learned from Router A and Router B Route Attribute Route Learned from Router A Route Learned from Router B Comparison PrefVal 0 0 The same Local_Pref 100 100 The same Route type Learned from a peer Learned from a peer The same AIGP The same AS_Path 100 10 200 10 The same length Origin IGP IGP The same MED The same Peer type IBGP IBGP The same...

Page 937: ...ocal router ID is 192 168 2 2 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 6 Network NextHop MED LocPrf PrefVal Path Ogn i 10 1 1 0 30 10 1 3 1 0 120 0 i 10 1 2 0 30 0 0 0 0 0 0 i i 10 11 0 0 16 10 1 1 1 120 0 100 10i 10 1 2 1 0 200 10i i 10 22 0 0 16 10 1 1 1 120 0 100 10i 10 1 2 1 0 200 10i The preceding command o...

Page 938: ...21 shows the route attribute comparison of the routes 10 11 0 0 16 learned from Router A and ISP2 Table 8 21 Route attribute comparison of the routes 10 11 0 0 16 learned from Router A and ISP2 Route Attribute Route Learned from Router A Route Learned from ISP2 Comparison PrefVal 0 0 The same Local_Pref 120 Route 10 11 0 0 16 learned from Router A is optimal NOTE If a route does not carry Local_Pr...

Page 939: ...rA RouterB RouterC Client Network AS 65001 To 11 0 0 0 8 To 22 0 0 0 8 To 11 0 0 0 8 To 22 0 0 0 8 Set Local_Pref 200 for 10 22 0 0 16 60 for 10 11 0 0 16 Set Local_Pref 120 for 10 11 0 0 16 80 for 10 22 0 0 16 EBGP EBGP IBGP IBGP IBGP Best route In this situation different Local_Pref values are required for the routes learned from the same ISP To configure different Local_Pref values for the rout...

Page 940: ... addpref apply local preference 200 route policy rp2 permit node 20 Define the second node of rp2 and set the Local_Pref value of the route 10 11 0 0 16 to 60 if match ip prefix reducepref apply local preference 60 route policy rp2 permit node 30 Define the third node of rp2 and allow rp2 to permit all routes ip ip prefix addpref index 10 permit 10 22 0 0 16 Configure an IP prefix list to match th...

Page 941: ... with next hop address 10 1 2 1 is selected because its Local_Pref 200 is greater than the Local_Pref 80 of the route with next hop address 10 1 1 1 Table 8 22 shows the route attribute comparison of the routes 10 22 0 0 16 learned from ISP1 and Router B Table 8 22 Route attribute comparison of the routes 10 22 0 0 16 learned from ISP1 and Router B Route Attribute Route Learned from ISP1 Route Lea...

Page 942: ...rface GigabitEthernet1 0 0 Original nexthop 10 1 2 1 Qos information 0x0 AS path 200 10 origin igp localpref 60 pref val 0 valid external pre 255 not preferred for Local_Pref Not advertised to any peer yet The preceding command output shows that two routes 10 11 0 0 16 are available in the BGP routing table of Router B and that the route with next hop address 10 1 1 1 is selected because its Local...

Page 943: ...l_Pref based BGP route selection networking 2 Internet 10 11 0 0 16 10 22 0 0 16 ISP1 AS 100 ISP2 AS 200 RouterA RouterB RouterC Client Network AS 65001 To 11 0 0 0 8 22 0 0 0 8 To 10 11 0 0 16 10 22 0 0 16 To 10 11 0 0 16 10 22 0 0 16 EBGP EBGP IBGP IBGP IBGP Best route You can perform either of the following operations l Configure an export policy on Router A to modify the Local_Pref of the rout...

Page 944: ...68 2 2 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 6 Network NextHop MED LocPrf PrefVal Path Ogn i 10 1 1 0 30 10 1 3 1 0 100 0 i 10 1 2 0 30 0 0 0 0 0 0 i 10 11 0 0 16 10 1 2 1 0 200 10i i 10 1 1 1 100 0 100 10i 10 22 0 0 16 10 1 2 1 0 200 10i i 10 1 1 1 100 0 100 10i The preceding command output shows that Router...

Page 945: ... route learned from ISP2 The preceding examples show that the modification of the Local_Pref values affects not only BGP route advertisement but also BGP route selection with an AS We can configure Local_Pref values as required to control the forwarding path of the traffic that leaves an AS Route Type BGP prefers locally imported routes to the routes learned from peers during BGP route selection B...

Page 946: ...uter D are as follows bgp 65001 ipv4 family unicast network 10 1 3 0 255 255 255 252 Advertise the route 10 1 3 0 30 network 10 1 4 0 255 255 255 252 Advertise the route 10 1 4 0 30 import route direct Import direct routes Run the display bgp routing table ip address command to check the configurations Display the routing table of Router D RouterD display bgp routing table BGP Local router ID is 1...

Page 947: ...ation of 10 1 4 0 30 Imported route From 0 0 0 0 0 0 0 0 Route Duration 00h04m10s Direct Out interface GigabitEthernet0 0 4 Original nexthop 10 1 4 1 Qos information 0x0 AS path Nil origin incomplete MED 0 pref val 0 valid local pre 0 not preferred for route type Not advertised to any peer yet BGP routing table entry information of 10 1 4 0 30 From 10 1 4 2 10 1 2 2 Route Duration 00h02m24s Relay ...

Page 948: ... table entry information of 10 0 0 0 8 Aggregated route Route Duration 00h17m04s Direct Out interface NULL0 Original nexthop 127 0 0 1 Qos information 0x0 AS path Nil origin incomplete pref val 0 valid local best select active pre 255 Aggregator AS 65001 Aggregator ID 10 1 1 2 Advertised to such 3 peers 10 1 1 1 10 1 3 2 10 1 2 2 BGP routing table entry information of 10 0 0 0 8 Summary automatic ...

Page 949: ...oute policy using the apply aigp cost inherit cost command to modify the AIGP value during BGP route import acceptance or advertisement If no AIGP value is configured the IGP routes imported by BGP do not carry the AIGP attribute In Figure 8 18 OSPF runs in AS 65002 an EBGP peer relationship is established between Router A and Router E and between Router B and Router E Router A and Router B are co...

Page 950: ... 00h03m58s Direct Out interface GigabitEthernet0 0 0 Original nexthop 10 1 3 2 Qos information 0x0 AS path 65002 origin incomplete MED 2 pref val 0 valid external pre 255 not preferred for router ID Not advertised to any peer yet The command output shows that Router E selects the route learned from Router A because the AIGP attribute has not been configured and the router ID of Router A is smaller...

Page 951: ...ix2 index 10 permit 10 1 4 0 30 Configure IP prefix list named prefix2 to match the route 10 1 4 0 30 Configurations on Router E bgp 65001 ipv4 family unicast peer 10 1 1 2 aigp Enable AIGP on the local device and the peer 10 1 1 2 peer 10 1 3 2 aigp Enable AIGP on the local device and the peer 10 1 3 2 Run the display bgp routing table ip address command on Router E to check the configurations Di...

Page 952: ... 10 1 4 0 30 learned from Router A and Router B Table 8 23 Attribute comparison of the routes 10 1 4 0 30 learned from Router A and Router B Route Attribute Route Learned from Router A Route Learned from Router B Comparison PrefVal 0 0 The same Local_Pref The same Route type Learned from a peer Learned from a peer The same AIGP 10 5 The same AS_Path BGP prefers the route with the shortest AS_Path ...

Page 953: ...es are included in the AS_Set of the summarized route AS_Confed_Sequence and AS_Confed_Set BGP ignores AS_Confed_Sequence and AS_Confed_Set when calculating the AS_Path length bestroute as path ignore After the command is configured BGP does not compare the AS_Path attribute during route selection apply as path The command can be run to configure an apply clause for a route policy so that the ASs ...

Page 954: ...fore exercise caution when using the command During BGP route selection BGP compares the AS_Path length by calculating the number of ASs included in the AS_Sequence if AS_Sequence is carried in a route If both AS_Sequence and AS_Set are carried in the route BGP considers the AS_Path length to be the number of ASs included in the AS_Sequence plus 1 Deleting Private AS Numbers As public AS resources...

Page 955: ... private AS numbers may lead to a routing loop l The AS_Path carries both public and private AS numbers which indicates that the route has passed through the public network In this case deleting private AS numbers may lead to incorrect traffic forwarding The preceding limitations also apply to confederation scenarios Adding AS Numbers In Figure 8 20 AS 65005 imports three routes and advertises the...

Page 956: ...g table entry information of 172 16 1 0 24 From 10 1 1 2 10 1 1 2 Route Duration 00h34m43s Direct Out interface GigabitEthernet0 0 1 Original nexthop 10 1 1 2 Qos information 0x0 AS path 65002 65004 65005 origin incomplete pref val 0 valid external pre 255 not preferred for AS Path Not advertised to any peer yet The preceding command output shows that Router A selects the route learned from Router...

Page 957: ...ocPrf PrefVal Path Ogn 172 16 1 0 24 10 1 1 2 0 65002 65004 65005 10 1 3 2 0 65003 65003 65003 65003 65005 172 16 2 0 24 10 1 1 2 0 65002 65004 65005 10 1 3 2 0 65003 65003 65003 65003 65005 172 16 3 0 24 10 1 1 2 0 65002 65004 65005 10 1 3 2 0 65003 65003 65003 65003 65005 RouterA display bgp routing table 172 16 1 0 BGP local router ID 10 1 1 1 Local AS number 65001 Paths 2 available 1 best 1 se...

Page 958: ...ing the route to Router A Router A will discard the route upon receipt because the route carries Router A s AS number Replacing AS Numbers When the apply as path command is configured if overwrite is specified in the command the device will replace the AS numbers in the original AS_Path attribute to achieve the following goals l Hide the actual path information l Prevent a route from being discard...

Page 959: ... 16 2 0 24 10 1 1 2 0 65002 65004 65005 10 1 3 2 0 65002 65004 65005 172 16 3 0 24 10 1 1 2 0 65002 65004 65005 10 1 3 2 0 65002 65004 65005 The preceding command output shows that the AS_Path of the route received from AS 65003 has been replaced after which the routes received from AS 65002 and AS 65003 have the same AS_Path Run the maximum load balancing 2 command on Router A to set the maximum ...

Page 960: ...Direct 0 0 D 127 0 0 1 InLoopBack0 172 16 1 0 24 EBGP 255 0 D 10 1 1 2 GigabitEthernet0 0 1 EBGP 255 0 D 10 1 3 2 GigabitEthernet0 0 0 172 16 2 0 24 EBGP 255 0 D 10 1 1 2 GigabitEthernet0 0 1 EBGP 255 0 D 10 1 3 2 GigabitEthernet0 0 0 172 16 3 0 24 EBGP 255 0 D 10 1 1 2 GigabitEthernet0 0 1 EBGP 255 0 D 10 1 3 2 GigabitEthernet0 0 0 The preceding command output shows that BGP has delivered the two...

Page 961: ...P peers Figure 8 21 Networking diagram with Origin configurations AS 100 10 1 1 1 30 10 1 1 2 30 10 1 3 1 30 10 1 3 2 30 10 1 2 1 30 10 1 2 2 30 10 1 4 1 30 10 1 4 2 30 Router B Router D Router C AS 65001 IBGP IBGP IBGP Router A The configurations on Router D are as follows bgp 65001 ipv4 family unicast network 10 1 4 0 255 255 255 252 Advertise the route 10 1 4 0 30 The configurations on Router C...

Page 962: ...m20s Relay IP Nexthop 0 0 0 0 Relay IP Out Interface GigabitEthernet0 0 0 Original nexthop 10 1 2 2 Qos information 0x0 AS path Nil origin incomplete MED 0 localpref 100 pref val 0 valid internal pre 255 not preferred for Origin Not advertised to any peer yet The preceding command output shows that the route learned from Router D is selected because it is imported using the network command and its...

Page 963: ... ID is 10 1 1 2 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 3 Network NextHop MED LocPrf PrefVal Path Ogn i 10 1 2 0 30 10 1 2 2 0 100 0 i 10 1 4 0 30 10 1 2 2 0 100 0 i 10 1 3 2 0 100 0 The preceding command output shows that the route learned from Router C becomes the optimal route RouterB display bgp routing tab...

Page 964: ...IGP The same AS_Path The same Origin Incomplete Incomplete The same MED 0 0 The same Peer type IBGP IBGP The same IGP cost The same Cluster_List The same Router ID 10 1 2 2 10 1 3 2 The route learned from Router C is optimal MED MED attributes of routes can be configured as required to control traffic forwarding path for the purpose of load balancing The MED attribute is transmitted only within an...

Page 965: ... routes that are from the same AS excluding confederation sub ASs MEDs of two routes are compared only if the leftmost AS number in the AS_Sequence excluding AS_Confed_Sequence of one route is the same as its counterpart in the other route l If the compare different as med command is run BGP compares MEDs of routes even when the routes are received from peers in different ASs Do not run this comma...

Page 966: ...nario 1 Check the BGP routing tables of Router A and Router B before Router C and Router D are configured to modify the MED of the route 1 1 1 9 32 RouterA display bgp routing table BGP Local router ID is 10 1 1 1 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 2 Network NextHop MED LocPrf PrefVal Path Ogn HUAWEI NetEn...

Page 967: ...op 10 1 4 2 Qos information 0x0 AS path 65001 origin igp pref val 0 valid external best select active pre 255 Advertised to such 2 peers 10 1 2 2 10 1 4 2 BGP routing table entry information of 1 1 1 9 32 From 10 1 2 2 10 1 2 2 Route Duration 00h01m07s Direct Out interface GigabitEthernet0 0 0 Original nexthop 10 1 2 2 Qos information 0x0 AS path 65001 origin igp pref val 0 valid external pre 255 ...

Page 968: ...P1 to 1 1 1 9 32 the link Router A Router C is active and the link Router A Router D is backup l For the traffic from ISP2 to 1 1 1 9 32 the link Router B Router D is active and the link Router B Router C is backup To meet the preceding requirements ensure that ISP1 selects the route learned from Router C and that ISP2 selects the route learned from Router D Figure 8 23 shows the networking in whi...

Page 969: ... MED values for the routes learned from different peers Detailed configurations are as follows l Configurations on Router C bgp 65001 ipv4 family unicast undo synchronization peer 10 1 4 1 route policy addmed100 export Apply export policy named addmed100 to the routes to be advertised to 10 1 4 1 and use addmed100 to modify the MED value HUAWEI NetEngine80E 40E Router Configuration Guide IP Routin...

Page 970: ...rst node of addmed200 and set the MED of the route 1 1 1 9 32 to 200 if match ip prefix p1 apply cost 200 route policy addmed200 permit node 20 Define the second node of addmed200 to allow addmed200 to permit all other routes ip ip prefix p1 index 10 permit 1 1 1 9 32 Configure an IP prefix list to match the route 1 1 1 9 32 Run the display bgp routing table ip address command to check the configu...

Page 971: ...ptimal route Table 8 30 describes the attribute comparison of the routes learned from Router C and Router D Table 8 30 Attribute comparison of the routes learned from Router C and Router D Route Attribute Route Learned from Router C Route Learned from Router D Comparison PrefVal 0 0 The same Local_Pref The same Route type Learned from a peer Learned from a peer The same AIGP The same AS_Path 65001...

Page 972: ...ting table of Router B The MED of the route with the next hop address 10 1 4 2 is 100 and the MED of the route with the next hop address 10 1 2 2 is considered as 4294967295 because it carries no MED Therefore the route with the next hop address 10 1 4 2 is selected as the optimal route In addition BGP selects routes in the same sequence they are received Therefore the route selection result is re...

Page 973: ... than that of route A2 150 BGP then compares route A1 and route B The leftmost AS number in the AS_Path of route A1 is 65001 which is different from its counterpart in route B 65002 Therefore BGP does not compare the MED values and selects route B as the optimal route because the IGP cost 12 of route B is smaller than that of route A1 13 Case 1 and case 2 show that the route selection result is re...

Page 974: ...d next hop address quickly If the bestroute igp metric ignore command is configured BGP does not compare the IGP cost In Figure 8 25 OSPF runs in AS 65001 an EBGP peer relationship is established between Router E and Router A and between Router E and Router B and an IBGP peer relationship is established between Router A and Router C between Router A and Router D between Router B and Router C and b...

Page 975: ...Total Number of Routes 4 Network NextHop MED LocPrf PrefVal Path Ogn i 1 1 1 9 32 10 1 5 2 0 100 0 100i i 10 1 6 2 0 100 0 100i i 10 1 5 0 30 10 1 3 2 0 100 0 i i 10 1 6 0 30 10 1 2 2 0 100 0 i The preceding command output shows that two routes 1 1 1 9 32 are available in the routing table of Router C and that Router C selects the route learned from Router A RouterC display bgp routing table 1 1 1...

Page 976: ...routes learned from Router A and Router B Table 8 31 Attribute comparison of the routes learned from Router A and Router B Route Attribute Route Learned from Router A Route Learned from Router B Comparison PrefVal 0 0 The same Local_Pref 100 100 The same Route type Learned from a peer Learned from a peer The same AIGP The same AS_Path 100 100 The same length Origin IGP IGP The same MED 0 0 The sam...

Page 977: ...o the Cluster_List and then reflects the route The following example shows how Cluster_List is used in BGP route selection In Figure 8 26 an IBGP peer relationship is established between each two neighboring devices in AS 65001 Router B functions as a level 1 RR and Router D is its client Router D functions as a level 2 RR and Router E is its client Router C functions as an RR and Router E is its ...

Page 978: ...vertised to any peer yet BGP routing table entry information of 1 1 1 9 32 From 10 1 1 2 10 1 2 1 Route Duration 00h28m05s Relay IP Nexthop 10 1 1 2 Relay IP Out Interface GigabitEthernet0 0 0 Original nexthop 10 1 4 2 Qos information 0x0 AS path Nil origin igp MED 0 localpref 100 pref val 0 valid internal pre 255 IGP cost 3 not preferred for Cluster List Originator 1 1 1 9 Cluster list 0 0 0 2 0 ...

Page 979: ...e originator in the local AS l When a route is reflected by an RR for the first time the RR adds the Originator_ID to this route If a route already carries the Originator_ID attribute the RR does not create a new one l After receiving the route a BGP speaker checks whether the Originator_ID is the same as its router ID If Originator_ID is the same as its router ID the BGP speaker discards this rou...

Page 980: ...refVal Path Ogn i 10 1 4 0 30 10 1 5 2 0 100 0 i i 10 1 2 2 0 100 0 i The preceding command output shows that two routes 10 1 4 0 30 are available in the routing table of Router A and that Router A selects the route learned from Router C RouterA display bgp routing table 1 1 1 9 BGP local router ID 10 1 3 1 Local AS number 65001 Paths 2 available 1 best 1 select BGP routing table entry information...

Page 981: ...ID attributes In this situation the Originator_ID attributes rather than router IDs are compared Router A selects the route learned from Router C because its Originator_ID 10 1 4 1 is smaller than that 10 1 4 2 of the route learned from Router B Table 8 33 describes the attribute comparison of the routes learned from Router B and Router C Table 8 33 Attribute comparison of the routes learned from ...

Page 982: ...examples see Local_Pref Origin and MED Peer IP Address BGP prefers the route learned from the peer with the smallest IP address during BGP route selection The peer IP address is the IP address specified in ipv4 address or ipv6 address in the peer group name ipv4 address ipv6 address as number as number plain as number dot command The group name parameter specified in the command is the one specifi...

Page 983: ...ing table of Router A RouterA display bgp routing table BGP Local router ID is 192 168 2 3 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 2 Network NextHop MED LocPrf PrefVal Path Ogn 2 2 2 9 32 10 1 1 2 0 0 65002i 10 1 2 2 0 0 65002i The preceding command output shows that two routes 2 2 2 9 32 are available in the r...

Page 984: ...rs and link types may be different from those used in this document 8 28 1 Example for Configuring Basic BGP Functions After configuring basic BGP functions you can build up a BGP network to use BGP to transmit routing information Networking Requirements Multiple ASs exist in a region To access each other these ASs must exchange their local routes As multiple routers exist in the ASs there are a l...

Page 985: ... 1 8 4 Configure Router B to import direct routes and view the routing tables of Routers A and C Data Preparation To complete the configuration you need the following data l Router IDs 2 2 2 2 3 3 3 3 and 4 4 4 4 and AS number 65009 of Routers B C and D respectively l Router ID 1 1 1 1 and AS number 65008 of Router A Procedure Step 1 Configure an IP address for each interface The configuration det...

Page 986: ...2 4 65008 49 65 0 00 44 03 Established 1 The preceding command output shows that BGP connections have been established between Router B and other routers Step 4 Configure Router A to advertise a route Configure Router A to advertise route 8 0 0 0 8 RouterA bgp ipv4 family unicast RouterA bgp af ipv4 network 8 0 0 0 255 0 0 0 RouterA bgp af ipv4 quit RouterA bgp quit View the routing table of Route...

Page 987: ...B bgp 65009 RouterB bgp ipv4 family unicast RouterB bgp af ipv4 import route direct View the routing table of Router A RouterA display bgp routing table BGP Local router ID is 1 1 1 1 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 7 Network NextHop MED LocPrf PrefVal Path Ogn 8 0 0 0 0 0 0 0 0 0 i 9 1 1 0 24 200 1 1 1...

Page 988: ... 1 bytes 56 Sequence 4 ttl 254 time 16 ms Reply from 8 1 1 1 bytes 56 Sequence 5 ttl 254 time 31 ms 8 1 1 1 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 16 31 47 ms End Configuration Files l Configuration file of Router A sysname RouterA interface GigabitEthernet1 0 0 ip address 8 1 1 1 255 0 0 0 interface Pos2 0 0 link protocol ppp ip address ...

Page 989: ... 65009 router id 3 3 3 3 peer 9 1 2 2 as number 65009 peer 9 1 3 1 as number 65009 ipv4 family unicast undo synchronization peer 9 1 2 2 enable peer 9 1 3 1 enable return l Configuration file of Router D sysname RouterD interface Pos1 0 0 link protocol ppp ip address 9 1 1 2 255 255 255 0 interface Pos2 0 0 link protocol ppp ip address 9 1 2 2 255 255 255 0 bgp 65009 router id 4 4 4 4 peer 9 1 1 1...

Page 990: ...e OSPF is used as an IGP BGP can be configured to enable the two ASs to access each other Interaction between BGP and the IGP can be configured on edge routers in the two ASs so that the two ASs can exchange routes efficiently and access each other Figure 8 30 Networking diagram for configuring BGP to interact with an IGP GE1 0 0 8 1 1 1 24 POS2 0 0 3 1 1 2 24 RouterA AS 65008 POS2 0 0 3 1 1 1 24 ...

Page 991: ...1 1 as number 65009 RouterA bgp ipv4 family unicast RouterA bgp af ipv4 network 8 1 1 0 255 255 255 0 RouterA bgp af ipv4 quit RouterA bgp quit Configure Router B RouterB bgp 65009 RouterB bgp router id 2 2 2 2 RouterB bgp peer 3 1 1 2 as number 65008 Step 4 Configure BGP to interact with an IGP On Router B configure BGP to import OSPF routes RouterB bgp ipv4 family unicast RouterB bgp af ipv4 imp...

Page 992: ...rB bgp 65009 RouterB bgp ipv4 family unicast RouterB bgp af ipv4 summary automatic View the routing table of Router A RouterA display bgp routing table BGP Local router ID is 1 1 1 1 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 2 Network NextHop MED LocPrf PrefVal Path Ogn 8 1 1 0 24 0 0 0 0 0 0 i 9 0 0 0 3 1 1 1 0 ...

Page 993: ...s2 0 0 link protocol ppp ip address 3 1 1 1 255 255 255 0 bgp 65009 router id 2 2 2 2 peer 3 1 1 2 as number 65008 ipv4 family unicast undo synchronization summary automatic import route ospf 1 peer 3 1 1 2 enable ospf 1 import route bgp area 0 0 0 0 network 9 1 1 0 0 0 0 255 return l Configuration file of Router C sysname RouterC interface GigabitEthernet2 0 0 ip address 9 1 2 1 255 255 255 0 int...

Page 994: ...of AS 30 to AS 10 or routes of AS 10 to AS 30 in order to isolate AS 10 and AS 30 Figure 8 31 Networking diagram for configuring AS_Path filters GE1 0 0 9 1 1 1 24 POS2 0 0 200 1 2 1 24 RouterA AS 10 POS2 0 0 200 1 2 2 24 RouterB AS 20 POS2 0 0 200 1 3 2 24 RouterC AS 30 POS3 0 0 200 1 3 1 24 EBGP EBGP GE1 0 0 20 1 1 1 24 Configuration Roadmap The configuration roadmap is as follows 1 Establish EB...

Page 995: ...by Router B Routes advertised by Router B to Router C are used as an example You can see that Router B advertises the direct route imported by AS 10 RouterB display bgp routing table peer 200 1 3 2 advertised routes BGP Local router ID is 2 2 2 2 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 6 Network NextHop MED Loc...

Page 996: ...ters to routes to be advertised by Router B RouterB bgp 20 RouterB bgp peer 200 1 2 1 as path filter path filter1 export RouterB bgp peer 200 1 3 2 as path filter path filter2 export RouterB bgp quit Step 4 View routes advertised by Router B View routes advertised by Router B to AS 30 You can see that Router B does not advertise the direct route imported by AS 10 RouterB display bgp routing table ...

Page 997: ...LocPrf PrefVal Path Ogn 200 1 2 0 200 1 2 2 0 0 20 200 1 2 1 32 200 1 2 2 0 0 20 200 1 3 0 200 1 2 2 0 0 20 200 1 3 2 32 200 1 2 2 0 0 20 The route does not exist in the BGP routing table of Router A RouterA display bgp routing table BGP Local router ID is 1 1 1 1 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 11 Netw...

Page 998: ...00 1 2 1 as number 10 peer 200 1 3 2 as number 30 ipv4 family unicast undo synchronization import route direct peer 200 1 2 1 enable peer 200 1 2 1 as path filter path filter1 export peer 200 1 3 2 enable peer 200 1 3 2 as path filter path filter2 export ip as path filter path filter1 deny _30_ ip as path filter path filter1 permit ip as path filter path filter2 deny _10_ ip as path filter path fi...

Page 999: ...Router C are in AS 65009 Router A establishes EBGP connections with Router B and Router C Router B establishes an IBGP connection with Router C Traffic sent by Router A to destination 9 1 1 0 can enter AS 65009 through Router B or Router C If the attributes excluding the MED values of the routes advertised by Routers B and C to Router A are the same you can change the MED value of the route to be ...

Page 1000: ...outerA bgp peer 200 1 1 1 as number 65009 RouterA bgp peer 200 1 2 1 as number 65009 RouterA bgp quit Configure Router B RouterB bgp 65009 RouterB bgp router id 2 2 2 2 RouterB bgp peer 200 1 1 2 as number 65008 RouterB bgp peer 9 1 1 2 as number 65009 RouterB bgp ipv4 family unicast RouterB bgp af ipv4 network 9 1 1 0 255 255 255 0 RouterB bgp af ipv4 quit RouterB bgp quit Configure Router C Rout...

Page 1001: ... 0 RouterB route policy policy10 permit node 10 RouterB route policy apply cost 100 RouterB route policy quit RouterB bgp 65009 RouterB bgp peer 200 1 1 2 route policy policy10 export View the routing table of Router A RouterA display bgp routing table 9 1 1 0 24 BGP local router ID 1 1 1 1 Local AS number 65008 Paths 2 available 1 best 1 select BGP routing table entry information of 9 1 1 0 24 Fr...

Page 1002: ...ily unicast peer 200 1 1 1 enable peer 200 1 2 1 enable return l Configuration file of Router B sysname RouterB interface GigabitEthernet1 0 0 undo shutdown ip address 9 1 1 1 255 255 255 0 interface Pos2 0 0 undo shutdown link protocol ppp ip address 200 1 1 1 255 255 255 0 bgp 65009 router id 2 2 2 2 peer 9 1 1 2 as number 65009 peer 200 1 1 2 as number 65008 ipv4 family unicast undo synchroniza...

Page 1003: ...aling services and accounting services Two sites each of which has two PEs accessing the core layer are used as an example MP BGP is used to advertise inner tags and VPNv4 routes between the PEs Each PE establishes an MP IBGP peer relationship with the RR Each PE sends BGP Update messages to the RR The RR reflects Update messages to the PEs excluding the senders of these messages through different...

Page 1004: ...same destination configuring different RDs for the two PEs can ensure that the BGP peers of the two PEs consider the advertised routes as two different routes This is because BGP VPNv4 uses VPNv4 addresses that consist of IPv4 addresses and RDs 2 Assign different community attributes to the routes advertised by PEs in plane A and the routes advertised by PEs in plane B 3 Set different local prefer...

Page 1005: ... P6 P2 GE 3 0 0 20 1 7 1 30 GE 1 0 0 20 1 7 2 30 P4 P2 GE 2 0 0 20 1 8 1 30 GE 2 0 0 20 1 8 2 30 RR P2 GE 3 2 0 20 1 9 1 30 GE 1 0 0 20 1 9 2 30 PE2 P3 GE 2 0 0 20 1 10 1 30 GE 2 0 0 20 1 10 2 30 P5 P3 GE 3 0 0 20 1 11 1 30 GE 2 0 0 20 1 11 2 30 P4 P3 GE 3 1 0 20 1 12 1 30 GE 1 0 0 20 1 12 2 30 PE3 P4 GE 3 0 0 20 1 13 1 30 GE 3 0 0 20 1 13 2 30 P6 P4 GE 3 1 0 20 1 14 1 30 GE 1 0 0 20 1 14 2 30 PE4...

Page 1006: ...GP parameter values BGP Parameter Value AS number 65000 Router ID Same as the address of Loopback 0 interface BGP community attribute Plane A 65000 100 Plane B 65000 200 BGP local preference Plane A The local preference value of community attribute 65000 100 is set to 200 Plane B The local preference value of community attribute 65000 200 is set to 200 NOTE By default the BGP local preference valu...

Page 1007: ...0 RR bgp group client internal RR bgp peer client connect interface LoopBack0 RR bgp ipv4 family unicast RR bgp af ipv4 undo peer client enable RR bgp af ipv4 quit RR bgp ipv4 family vpnv4 RR bgp af vpnv4 undo policy vpn target RR bgp af vpnv4 peer client enable RR bgp af vpnv4 peer 7 7 7 9 group client RR bgp af vpnv4 peer 8 8 8 9 group client RR bgp af vpnv4 peer 9 9 9 9 group client RR bgp af v...

Page 1008: ... a routing policy on PE2 so that BGP VPNv4 routes advertised by PEs in plane B to the RR can carry community attribute 65000 200 PE2 route policy com permit node 10 PE2 route policy apply community 65000 200 PE2 route policy quit On PE1 apply the routing policy to the advertised BGP VPNv4 routes so that the community attribute can be advertised to the RR PE1 bgp 65000 PE1 bgp ipv4 family vpnv4 PE1...

Page 1009: ...ort PE1 bgp af vpnv4 quit PE1 bgp quit On PE2 apply the routing policy to the imported BGP VPNv4 route so that PEs in plane B prefer the route advertised by remote PEs in plane B PE2 bgp 65000 PE2 bgp ipv4 family vpnv4 PE2 bgp af vpnv4 peer 11 11 11 9 route policy local_pre import PE2 bgp af vpnv4 quit PE2 bgp quit NOTE After the configurations are complete you need to configure MPLS establish tun...

Page 1010: ... ID 7 7 7 9 Total Number of Routes 2 Total routes of vpn instance NGN_Media 2 Network NextHop MED LocPrf PrefVal Community i 10 22 1 0 24 10 10 10 9 0 200 0 65000 200 9 9 9 9 0 100 0 65000 100 Run the display ip routing table vpn instance vpna 10 22 1 0 24 command on PE1 The command output shows that the next hop of route 10 22 1 0 24 is PE3 This means that PE1 prefers the route advertised by PE3 ...

Page 1011: ...ce GigabitEthernet3 2 0 undo shutdown ip address 20 1 5 1 255 255 255 252 isis enable 64 mpls mpls ldp interface LoopBack0 ip address 1 1 1 9 255 255 255 255 isis enable 64 return l Configuration file of P2 sysname P2 mpls lsr id 2 2 2 9 mpls mpls ldp isis 64 network entity 49 0091 0100 0200 2009 00 interface GigabitEthernet1 0 0 undo shutdown ip address 20 1 4 2 255 255 255 252 isis enable 64 mpl...

Page 1012: ...mpls mpls ldp isis 64 network entity 49 0091 0100 0300 3009 00 interface GigabitEthernet1 0 0 undo shutdown ip address 20 1 1 2 255 255 255 252 isis enable 64 mpls mpls ldp interface GigabitEthernet2 0 0 undo shutdown ip address 20 1 10 1 255 255 255 252 isis enable 64 mpls mpls ldp interface GigabitEthernet3 0 0 undo shutdown ip address 20 1 11 1 255 255 255 252 isis enable 64 mpls mpls ldp inter...

Page 1013: ...interface GigabitEthernet3 0 0 undo shutdown ip address 20 1 13 1 255 255 255 252 isis enable 64 mpls mpls ldp interface GigabitEthernet3 1 0 undo shutdown ip address 20 1 14 1 255 255 255 252 isis enable 64 mpls mpls ldp interface LoopBack0 ip address 4 4 4 9 255 255 255 255 isis enable 64 return l Configuration file of P5 sysname P5 mpls lsr id 5 5 5 9 mpls mpls ldp isis 64 network entity 49 009...

Page 1014: ...4 network entity 49 0091 0100 0600 6009 00 interface GigabitEthernet1 0 0 undo shutdown ip address 20 1 6 2 255 255 255 252 isis enable 64 mpls mpls ldp interface GigabitEthernet2 0 0 undo shutdown ip address 20 1 15 2 255 255 255 252 isis enable 64 mpls mpls ldp interface GigabitEthernet3 0 0 undo shutdown ip address 20 1 13 2 255 255 255 252 isis enable 64 mpls mpls ldp interface LoopBack0 ip ad...

Page 1015: ... 5 2 255 255 255 252 isis enable 64 mpls mpls ldp interface GigabitEthernet2 0 0 undo shutdown ip address 20 1 16 1 255 255 255 252 isis enable 64 mpls mpls ldp interface GigabitEthernet3 0 0 interface GigabitEthernet3 0 0 10 vlan type dot1q 10 ip binding vpn instance NGN_Media ip address 10 21 1 73 255 255 255 252 interface GigabitEthernet3 0 0 11 vlan type dot1q 11 ip binding vpn instance NGN_Si...

Page 1016: ...l Configuration file of PE2 sysname PE2 ip vpn instance NGN_Media route distinguisher 65000 10001011 apply label per instance vpn target 65000 100 export extcommunity vpn target 65000 100 65000 200 65000 300 import extcommunity ip vpn instance NGN_Other route distinguisher 65000 30001011 apply label per instance vpn target 65000 300 export extcommunity vpn target 65000 100 65000 200 65000 300 impo...

Page 1017: ...er 11 11 11 9 enable ipv4 family vpnv4 policy vpn target peer 11 11 11 9 enable peer 11 11 11 9 route policy local_pre import peer 11 11 11 9 route policy comm export peer 11 11 11 9 advertise community ipv4 family vpn instance NGN_Media aggregate 10 21 1 0 255 255 255 0 detail suppressed import route direct ipv4 family vpn instance NGN_Other aggregate 10 21 1 0 255 255 255 0 detail suppressed imp...

Page 1018: ...hutdown ip address 20 1 12 2 255 255 255 252 isis enable 64 mpls mpls ldp interface GigabitEthernet2 0 0 undo shutdown ip address 20 1 17 1 255 255 255 252 isis enable 64 mpls mpls ldp interface GigabitEthernet3 0 0 interface GigabitEthernet3 0 0 10 vlan type dot1q 10 ip binding vpn instance NGN_Media ip address 10 22 1 73 255 255 255 252 interface GigabitEthernet3 0 0 11 vlan type dot1q 11 ip bin...

Page 1019: ...ip community filter basic community1 permit 65000 100 return l Configuration file of PE4 sysname PE4 ip vpn instance NGN_Media route distinguisher 65000 10000712 apply label per instance vpn target 65000 100 export extcommunity vpn target 65000 100 65000 200 65000 300 import extcommunity ip vpn instance NGN_Other route distinguisher 65000 30000712 apply label per instance vpn target 65000 300 expo...

Page 1020: ...rface LoopBack0 ipv4 family unicast undo synchronization undo peer 11 11 11 9 enable ipv4 family vpnv4 policy vpn target peer 11 11 11 9 enable peer 11 11 11 9 route policy local_pre import peer 11 11 11 9 route policy comm export peer 11 11 11 9 advertise community ipv4 family vpn instance NGN_Media aggregate 10 22 1 0 255 255 255 0 detail suppressed import route direct ipv4 family vpn instance N...

Page 1021: ...er client enable undo peer 7 7 7 9 enable undo peer 8 8 8 9 enable undo peer 9 9 9 9 enable undo peer 10 10 10 9 enable ipv4 family vpnv4 undo policy vpn target peer client enable peer client reflect client peer client advertise community peer 7 7 7 9 enable peer 7 7 7 9 group client peer 8 8 8 9 enable peer 8 8 8 9 group client peer 9 9 9 9 enable peer 9 9 9 9 group client peer 10 10 10 9 enable ...

Page 1022: ... A is the non client of Router B and Router C Router B and Router C are non clients of each other Figure 8 34 Networking diagram for BGP RR configurations 9 1 1 1 24 RouterA RouterB RouterC RouterD RouterE RouterF RouterH RouterG AS 65010 Cluster1 Cluster2 GE3 0 0 POS1 0 0 POS2 0 0 POS1 0 0 POS2 0 0 POS3 0 0 POS4 0 0 POS1 0 0 POS2 0 0 POS3 0 0 POS4 0 0 POS5 0 0 POS1 0 0 POS2 0 0 POS2 0 0 POS1 0 0 ...

Page 1023: ... Router H here l ID of each cluster 1 is used as an example for the cluster where Router B resides and 2 is used as an example for the cluster where Router C resides Procedure Step 1 Assign an IP address to each interface Assign an IP address to each interface as shown in Figure 8 34 For details about the configuration see the following configuration files Step 2 Configure IBGP peer relationships ...

Page 1024: ...0 pref val 0 internal pre 255 Originator 1 1 1 1 Cluster list 0 0 0 1 Not advertised to any peer yet You can see that Router D has learned the route advertised by Router A from Router B For details see the Originator and Cluster_ID attributes of the route End Configuration Files l Configuration file of Router A sysname RouterA interface GigabitEthernet3 0 0 ip address 9 1 1 1 255 255 255 0 interfa...

Page 1025: ...reflector cluster id 1 peer 10 1 1 2 enable peer 10 1 2 2 enable peer in_rr enable peer in_rr reflect client peer 10 1 4 2 enable peer 10 1 4 2 group in_rr peer 10 1 5 2 enable peer 10 1 5 2 group in_rr return l Configuration file of Router C sysname RouterC interface Pos1 0 0 link protocol ppp ip address 10 1 2 2 255 255 255 0 interface Pos2 0 0 link protocol ppp ip address 10 1 3 1 255 255 255 0...

Page 1026: ...0 interface Pos2 0 0 link protocol ppp ip address 10 1 6 1 255 255 255 0 bgp 65010 router id 4 4 4 4 peer 10 1 4 1 as number 65010 peer 10 1 6 2 as number 65010 ipv4 family unicast undo synchronization peer 10 1 4 1 enable peer 10 1 6 2 enable return NOTE The configuration files of other routers are similar to the configuration file of Router D and are not provided in this document 8 28 7 Example ...

Page 1027: ...002 RouterB POS1 0 0 20 1 1 2 24 RouterC AS 65003 POS1 0 0 20 1 2 2 24 POS3 0 0 20 1 2 1 24 AS 65001 RouterD POS2 0 0 20 1 5 1 24 RouterE POS2 0 0 20 1 5 2 24 POS1 0 0 20 1 3 2 24 POS4 0 0 20 1 3 1 24 POS5 0 0 20 1 4 1 24 POS1 0 0 20 1 4 2 24 RouterA AS 200 RouterF AS 100 GE2 0 0 9 1 1 1 24 POS1 0 0 200 1 1 2 24 POS2 0 0 20 1 1 1 24 Configuration Roadmap The configuration roadmap is as follows 1 C...

Page 1028: ...outerB bgp confederation peer as 65001 RouterB bgp peer 20 1 1 1 as number 65001 RouterB bgp quit Configure Router C RouterC bgp 65003 RouterC bgp router id 3 3 3 3 RouterC bgp confederation id 200 RouterC bgp confederation peer as 65001 RouterC bgp peer 20 1 2 1 as number 65001 RouterC bgp quit Step 3 Establish IBGP connections between the devices in AS 65001 Configure Router A RouterA bgp 65001 ...

Page 1029: ...h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 1 Network NextHop MED LocPrf PrefVal Path Ogn i 9 1 1 0 24 20 1 1 1 0 100 0 65001 100i RouterB display bgp routing table 9 1 1 0 BGP local router ID 2 2 2 2 Local AS number 65002 Paths 1 available 1 best 1 select BGP routing table entry information of 9 1 1 0 24 From 20 1 1 1 1 1 1 1 Route Duration 00h12...

Page 1030: ...me confederation Confederations ensure network connectivity reduce the number of IBGP connections in ASs and reduce network resource consumption End Configuration Files l Configuration file of Router A sysname RouterA interface Pos1 0 0 link protocol ppp undo shutdown ip address 200 1 1 1 255 255 255 0 interface Pos2 0 0 link protocol ppp undo shutdown ip address 20 1 1 1 255 255 255 0 interface P...

Page 1031: ...d 200 confederation peer as 65001 peer 20 1 1 1 as number 65001 ipv4 family unicast undo synchronization peer 20 1 1 1 enable return NOTE The configuration file of Router C is similar to that of Router B and is not provided here l Configuration file of Router D sysname RouterD interface Pos1 0 0 link protocol ppp undo shutdown ip address 20 1 3 2 255 255 255 0 interface Pos2 0 0 link protocol ppp ...

Page 1032: ...B s network communicates with the networks of the other two enterprises using EBGP Due to the competition relationship with enterprise C enterprise A hopes that the routes it advertises to enterprise B are transmitted only in enterprise B not to enterprise C Community attributes can be configured for routes to be advertised by enterprise A to enterprise B in order to address this problem On the ne...

Page 1033: ...S 20 and not to other ASs Data Preparation To complete the configuration you need the following data l Router ID 1 1 1 1 and AS number 10 of Router A l Router ID 2 2 2 2 and AS number 20 of Router B l Router ID 3 3 3 3 and AS number 30 of Router C Procedure Step 1 Configure an IP address for each interface The configuration details are not provided here Step 2 Establish EBGP connections Configure ...

Page 1034: ...outer C in AS 30 View the BGP routing table of Router C RouterC display bgp routing table BGP Local router ID is 3 3 3 3 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 1 Network NextHop MED LocPrf PrefVal Path Ogn 9 1 1 0 24 200 1 3 1 0 20 10i The preceding command output shows that Router C has learned route 9 1 1 0 ...

Page 1035: ...e to any other AS End Configuration Files l Configuration file of Router A sysname RouterA interface GigabitEthernet1 0 0 undo shutdown ip address 9 1 1 1 255 255 255 0 interface Pos2 0 0 link protocol ppp undo shutdown ip address 200 1 2 1 255 255 255 0 bgp 10 router id 1 1 1 1 peer 200 1 2 2 as number 20 ipv4 family unicast undo synchronization network 9 1 1 0 255 255 255 0 peer 200 1 2 2 enable...

Page 1036: ...turn 8 28 9 Example for Configuring Prefix based BGP ORF Prefix based BGP outbound route filtering ORF is used to implement on demand BGP route advertisement Networking Requirements On the network shown in Figure 8 37 Routers A and B are in AS 100 Routers C D and E are in AS 200 Router A requires Router C to send only routing information matching the import policy of Router A but Router C does not...

Page 1037: ...nd between Routers C and E 2 Configure a prefix based import policy on Router A and enable prefix based BGP ORF on Routers A and C Data Preparation To complete the configuration you need the following data l Router IDs 1 1 1 1 and 2 2 2 2 and AS number 100 of Routers A and B respectively l Router IDs 3 3 3 3 4 4 4 4 and 5 5 5 5 and AS number 200 of Routers C D and E respectively Procedure Step 1 C...

Page 1038: ...RouterD bgp peer 20 3 1 2 as number 200 RouterD bgp quit Configure Router E RouterE bgp 200 RouterE bgp router id 5 5 5 5 RouterE bgp peer 20 4 1 2 as number 200 RouterE bgp quit Step 3 Configure a prefix based import policy on Router A Configure Router A RouterA ip ip prefix 1 index 10 permit 20 3 1 0 24 less equal 32 RouterA bgp 100 RouterA bgp peer 20 1 1 2 ip prefix 1 import RouterA bgp quit V...

Page 1039: ...oth RouterC bgp quit Step 5 Verify the configuration View prefix based BGP ORF negotiation information on Router A RouterA display bgp peer 20 1 1 2 verbose BGP Peer is 20 1 1 2 remote AS 200 Type EBGP link BGP version 4 Remote router ID 3 3 3 3 Update group ID 1 BGP current state Established Up for 00h00m01s BGP current event RecvRouteRefresh BGP last state OpenConfirm BGP Peer Up count 2 Receive...

Page 1040: ...er list Import prefix list is 1 No export prefix list No import route policy No export route policy No import distribute policy No export distribute policy View routing information sent by Router C RouterC display bgp routing table peer 20 1 1 1 advertised routes BGP Local router ID is 3 3 3 3 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete ...

Page 1041: ...s 1 1 1 1 255 255 255 255 bgp 100 router id 1 1 1 1 peer 20 1 1 2 as number 200 peer 20 2 1 1 as number 100 ipv4 family unicast undo synchronization import route direct peer 20 1 1 2 enable peer 20 1 1 2 ip prefix 1 import peer 20 1 1 2 capability advertise orf ip prefix both peer 20 2 1 1 enable ip ip prefix 1 index 10 permit 20 3 1 0 24 greater equal 24 less equal 32 return l Configuration file ...

Page 1042: ...terface Pos1 0 0 link protocol ppp ip address 20 3 1 2 255 255 255 252 interface Pos1 0 1 link protocol ppp ip address 20 1 1 2 255 255 255 252 interface Pos1 0 3 link protocol ppp ip address 20 4 1 2 255 255 255 252 interface LoopBack1 ip address 3 3 3 3 255 255 255 255 bgp 200 router id 3 3 3 3 peer 20 1 1 1 as number 100 HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 8 BGP Config...

Page 1043: ...k protocol ppp ip address 20 3 1 1 255 255 255 252 interface LoopBack1 ip address 4 4 4 4 255 255 255 255 bgp 200 router id 4 4 4 4 peer 20 3 1 2 as number 200 ipv4 family unicast undo synchronization peer 20 3 1 2 enable return l Configuration file of Router E sysname RouterE interface Pos1 0 1 link protocol ppp ip address 20 4 1 1 HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 8 B...

Page 1044: ... routers router A is in AS 100 routers B and C are in AS 300 router D is in AS 200 Router A establishes EBGP connections with Routers B and C and Router D establishes EBGP connections with Routers B and C Router A has two BGP routes destined for destination 8 1 1 0 24 Traffic can reach destination 8 1 1 0 24 through either Router B or Router C BGP load balancing can be configured to better utilize...

Page 1045: ... routing loops occur when configuring BGP attributes to implement load balancing Configuration Roadmap The configuration roadmap is as follows 1 Establish EBGP connections between Routers A and B and between Routers A and C to enable ASs to communicate with each other using BGP 2 Establish EBGP connections between Routers D and B and between Routers D and C to enable ASs to communicate with each o...

Page 1046: ...rB bgp peer 200 1 3 1 as number 200 RouterB bgp quit Configure Router C RouterC bgp 300 RouterC bgp router id 3 3 3 3 RouterC bgp peer 200 1 2 1 as number 100 RouterC bgp peer 200 1 4 1 as number 200 RouterC bgp quit Configure Router D RouterD bgp 200 RouterD bgp router id 4 4 4 4 RouterD bgp peer 200 1 3 2 as number 300 RouterD bgp peer 200 1 4 2 as number 300 RouterD bgp ipv4 family unicast Rout...

Page 1047: ...iguration View the routing table of Router A RouterA display bgp routing table 8 1 1 0 24 BGP local router ID 1 1 1 1 Local AS number 100 Paths 2 available 1 best 2 select BGP routing table entry information of 8 1 1 0 24 From 200 1 1 2 2 2 2 2 Route Duration 0d00h03m55s Direct Out interface Pos1 0 0 Original nexthop 200 1 1 2 Qos information 0x0 AS path 200 300 origin igp pref val 0 valid externa...

Page 1048: ...ter B sysname RouterB interface Pos1 0 0 undo shutdown link protocol ppp ip address 200 1 1 2 255 255 255 0 interface Pos2 0 0 undo shutdown link protocol ppp ip address 200 1 3 2 255 255 255 0 interface LoopBack0 ip address 2 2 2 2 255 255 255 255 bgp 300 router id 2 2 2 2 peer 200 1 1 1 as number 100 peer 200 1 3 1 as number 200 ipv4 family unicast undo synchronization peer 200 1 1 1 enable peer...

Page 1049: ...nterface GigabitEthernet3 0 0 undo shutdown ip address 8 1 1 1 255 255 255 0 interface LoopBack0 ip address 4 4 4 4 255 255 255 255 bgp 200 router id 4 4 4 4 peer 200 1 3 2 as number 300 peer 200 1 4 2 as number 300 ipv4 family unicast undo synchronization network 8 1 1 0 255 255 255 0 peer 200 1 3 2 enable peer 200 1 4 2 enable return 8 28 11 Example for Configuring BFD for BGP If the link betwee...

Page 1050: ...en Router A and Router B fails BFD will quickly detect the change in the BGP peer relationship and notify BGP of the change Service traffic then will be switched to the backup link for transmission Figure 8 39 Networking diagram of configuring BFD for BGP GE3 0 0 172 16 1 1 24 GE1 0 0 200 1 1 1 24 GE2 0 0 200 1 2 1 24 GE2 0 0 200 1 1 2 24 RouterB GE1 0 0 9 1 1 1 24 AS 200 GE1 0 0 9 1 1 2 24 Router...

Page 1051: ... files Step 2 Configure basic BGP functions Establish EBGP peer relationships between Router A and Router B and between Router A and Router C and an IBGP peer relationship between Router B and Router C Configure Router A RouterA bgp 100 RouterA bgp router id 1 1 1 1 RouterA bgp peer 200 1 1 2 as number 200 RouterA bgp peer 200 1 1 2 ebgp max hop RouterA bgp peer 200 1 2 2 as number 200 RouterA bgp...

Page 1052: ...le BGP Local router ID is 1 1 1 1 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 2 Network NextHop MED LocPrf PrefVal Path Ogn 172 16 1 0 24 200 1 1 2 100 0 200i 200 1 2 2 150 0 200i As shown in the BGP routing table the next hop address of the route to 172 16 1 0 24 is 200 1 1 2 and service traffic is transmitted on ...

Page 1053: ...igabitethernet 2 0 0 RouterB Gigabitethernet2 0 0 shutdown Check the BGP routing table on Router A RouterA display bgp routing table BGP Local router ID is 1 1 1 1 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 1 Network NextHop MED LocPrf PrefVal Path Ogn 172 16 1 0 24 200 1 2 2 150 0 200i As shown in the BGP routing...

Page 1054: ...tEthernet3 0 0 undo shutdown ip address 172 16 1 1 255 255 255 0 bgp 200 router id 2 2 2 2 peer 9 1 1 2 as number 200 peer 200 1 1 1 as number 100 peer 200 1 1 1 ebgp max hop 255 peer 200 1 1 1 bfd min tx interval 100 min rx interval 100 detect multiplier 4 peer 200 1 1 1 bfd enable ipv4 family unicast undo synchronization network 172 16 1 0 255 255 255 0 peer 9 1 1 2 enable peer 200 1 1 1 enable ...

Page 1055: ...le to start a link switchover This is the traditional switchover mode In this mode service interruption lasts a long time which does not meet the services requirement BGP Auto FRR addresses this problem After BGP Auto FRR is enabled on a Router the Router selects the optimal route to forward packets In addition the Router automatically adds information about the second optimal route to the backup ...

Page 1056: ... A later can select the route for LinkA as the optimal route 3 Configure BGP Auto FRR on Router A to enable the service traffic to be quickly switched to LinkB in case LinkA fails Data Preparation To complete the configuration you need the following data l ID of each Router 1 1 1 1 2 2 2 2 3 3 3 3 and 4 4 4 4 are used as an example as the router IDs of Router A Router B Router C and Router D numbe...

Page 1057: ...Router B and Router C are similar to the configuration on Router D and are not provided here Step 3 Configure routing policies on Router B and Router C specifying different MED values for the routes from Router B or Router C to Router D Configure a routing policy on Router B RouterB route policy rtb permit node 10 RouterB route policy apply cost 80 RouterB route policy quit RouterB bgp 200 RouterB...

Page 1058: ... BGP Auto FRR on Router A RouterA bgp 100 RouterA bgp ipv4 family unicast RouterA bgp af ipv4 auto frr RouterA bgp af ipv4 quit RouterA bgp quit After the configuration is complete run the display ip routing table verbose command on Router A to view routing information RouterA display ip routing table 4 4 4 4 32 verbose Route Flags R relay D download to fib Routing Table Public Summary Count 1 Des...

Page 1059: ...0 1 1 1 as number 100 peer 20 3 1 2 as number 200 ipv4 family unicast peer 20 1 1 1 route policy rtb export route policy rtb permit node 10 apply cost 80 return l Configuration file of Router C sysname RouterC interface Pos1 0 0 ip address 20 2 1 2 255 255 255 0 interface Pos2 0 0 ip address 20 4 1 1 255 255 255 0 bgp 200 router id 3 3 3 3 peer 20 2 1 1 as number 100 peer 20 4 1 2 as number 200 ip...

Page 1060: ...BGP packets and keeps sending them to a device After receiving these packets the device identifies the destination of the packets The forwarding plane of the device then directly sends the packets to the control plane for processing without checking the validity of the packets As a result the device is busy processing these valid packets resulting in high CPU usage GTSM checks whether the TTL valu...

Page 1061: ... 1 9 and AS number 10 of Router A l Router IDs 2 2 2 9 3 3 3 9 and 4 4 4 9 and AS numbers 20 of Routers B and C respectively l TTL values of packets transmitted between Routers A and B between Routers B and C between Routers C and D and between Routers B and D TTL values of packets transmitted between Routers A and B between Routers B and C and between Routers C and D is 1 and TTL values of packet...

Page 1062: ...1 1 1 as number 10 RouterB bgp quit View the connection status of BGP peers RouterB display bgp peer BGP local router ID 2 2 2 9 Local AS number 20 Total number of peers 3 Peers in established state 3 Peer V AS MsgRcvd MsgSent OutQ Up Down State PrefRcv 3 3 3 9 4 20 8 7 0 00 05 06 Established 0 4 4 4 9 4 20 8 10 0 00 05 33 Established 0 30 1 1 1 4 10 7 7 0 00 04 09 Established 0 The preceding comm...

Page 1063: ...configured None Last keepalive received 2012 03 06 19 17 37 UTC 8 00 Last keepalive sent 2012 03 06 19 17 37 UTC 8 00 Last update received 2012 03 06 19 17 43 UTC 8 00 Last update sent 2012 03 06 19 17 37 UTC 8 00 Minimum route advertisement interval is 30 seconds Optional capabilities Route refresh capability has been enabled 4 byte as capability has been enabled GTSM has been enabled valid ttl h...

Page 1064: ...27 37 UTC 8 00 Last keepalive sent 2012 03 06 19 27 37 UTC 8 00 Last update received 2012 03 06 19 27 43 UTC 8 00 Last update sent 2012 03 06 19 27 37 UTC 8 00 Minimum route advertisement interval is 15 seconds Optional capabilities Route refresh capability has been enabled 4 byte as capability has been enabled Nexthop self has been configured Connect interface has been configured GTSM has been en...

Page 1065: ... 2012 03 06 19 37 37 UTC 8 00 Last keepalive sent 2012 03 06 19 37 37 UTC 8 00 Last update received 2012 03 06 19 37 43 UTC 8 00 Last update sent 2012 03 06 19 37 37 UTC 8 00 Minimum route advertisement interval is 15 seconds Optional capabilities Route refresh capability has been enabled 4 byte as capability has been enabled Connect interface has been configured GTSM has been enabled valid ttl ho...

Page 1066: ...keepalive sent 2012 03 06 19 47 37 UTC 8 00 Last update received 2012 03 06 19 47 43 UTC 8 00 Last update sent 2012 03 06 19 47 37 UTC 8 00 Minimum route advertisement interval is 15 seconds Optional capabilities Route refresh capability has been enabled 4 byte as capability has been enabled Nexthop self has been configured Connect interface has been configured GTSM has been enabled valid ttl hops...

Page 1067: ...PFv3 0 0 0 5 RIP 0 0 0 7 BGP 0 0 0 7 BGPv6 0 0 0 7 OSPF 0 0 0 7 LDP 0 0 0 7 OSPFv3 0 0 0 7 RIP 0 0 0 If a host forges BGP packets of Router A to attack Router B the packets are discarded because their TTL values are not 255 when reaching Router B The number of dropped packets increases accordingly in the GTSM statistics of Router B End Configuration Files l Configuration file of Router A sysname R...

Page 1068: ... peer 30 1 1 1 as number 10 peer 30 1 1 1 valid ttl hops 1 ipv4 family unicast undo synchronization import route ospf 1 peer 3 3 3 9 enable peer 3 3 3 9 next hop local peer 4 4 4 9 enable peer 4 4 4 9 next hop local peer 30 1 1 1 enable ospf 1 area 0 0 0 0 network 20 1 1 0 0 0 0 255 network 2 2 2 9 0 0 0 0 return l Configuration file of Router C sysname RouterC interface Pos1 0 0 link protocol ppp...

Page 1069: ...otocol ppp ip address 20 1 2 2 255 255 255 0 interface LoopBack0 ip address 4 4 4 9 255 255 255 255 bgp 20 router id 4 4 4 9 peer 2 2 2 9 as number 20 peer 2 2 2 9 valid ttl hops 2 peer 2 2 2 9 connect interface LoopBack0 peer 3 3 3 9 as number 20 peer 3 3 3 9 valid ttl hops 1 peer 3 3 3 9 connect interface LoopBack0 ipv4 family unicast undo synchronization peer 2 2 2 9 enable peer 3 3 3 9 enable ...

Page 1070: ...ween BGP4 Peers By setting parameters of a connection between BGP4 peers you can adjust and optimize the BGP4 network performance 9 6 Configuring BFD for BGP4 By configuring BFD for BGP4 you can provide a fast fault detection mechanism for BGP4 and therefore speed up network convergence 9 7 Configuring BGP4 PeerTracking On a network where BFD is unsuitable to deploy you can configure BGP4 peer tra...

Page 1071: ...ate IPv6 networks that connect to different ASs over IPv4 tunnels so that these IPv6 networks can communicate 9 15 Configuring BGP4 6PE FRR After you configure 6PE FRR on a device the device can select a backup next hop for received 6PE routes When the next hop of the primary route between PEs becomes unreachable traffic will be quickly switched to the backup next hop 9 16 Configuring BGP4 Securit...

Page 1072: ...ddress It can be an IPv6 global unicast address or the link local address of the next hop BGP4 can be applied to an IPv6 network by using the BGP attribute of multiple protocol extension The message and routing mechanisms of BGP remain unaltered 9 1 2 BGP4 Features Supported by the NE80E 40E The system supports various BGP4 features including load balancing route aggregation route dampening commun...

Page 1073: ...rotocol parameters and IPv6 addresses for interfaces to make link layers of the interfaces Up Data Preparation To configure BGP4 you need the following data No Data 1 Local AS number and Router ID 2 IPv6 address and AS number of the peer 3 Optional Interfaces that set up the BGP4 session 9 2 2 Starting a BGP Process Starting a BGP4 process is a prerequisite for configuring basic BGP4 functions Whe...

Page 1074: ...P4 peers are configured and the BGP4 peer relationship is established Procedure l Configuring an IBGP Peer Perform the following steps on the router on which the IBGP connection needs to be set up 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run peer ipv6 address group name as number as number plain as number dot The peer addres...

Page 1075: ...ystem view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run peer ipv6 address group name as number as number plain as number dot The IP address and the AS number of a specified BGP peer are specified The AS number of the specified BGP peer should be different from the local AS number If the IP address of the specified peer is that of a loopback i...

Page 1076: ... is avoided NOTE This command can be used on only one of two peers If this command is used on the two peers the connection between the two peers cannot be established 6 Run ipv6 family unicast The BGP IPv6 unicast address family view is displayed 7 Run peer ipv6 address group name enable An IPv6 peer is enabled After configuring a BGP4 peer in the BGP view enable the peer in the BGP IPv6 unicast a...

Page 1077: ...g the Configurations After basic BGP4 functions are configured you can check BGP4 peer information Prerequisites Basic BGP4 functions has been configured Procedure l Run the display bgp ipv6 peer ipv4 address verbose command to check information about the BGP4 peers l Run the display bgp ipv6 peer ipv6 address log info verbose command to check information about the BGP4 peers End 9 3 Configuring B...

Page 1078: ... ignored l Community attribute The community attribute can simplify the management of routing policies The management range of the community attribute is wider than that of the peer group The community attribute can control the routing policies of multiple BGP4 devices l AS_Path attribute After the AS_Path attribute is configured the route with a shorter AS path is selected l Accumulated interior ...

Page 1079: ... of the BGP protocol on the peers is not currently supported End 9 3 3 Configuring BGP4 Preferred Value for Routing Information After the preferred value is configured for routing information the route with the largest preferred value is selected when multiple routes to the same destination exist in the BGP4 routing table Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp...

Page 1080: ...w is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run ipv6 family unicast The BGP IPv6 unicast address family view is displayed Step 4 Run default local preference preference The default Local_Pref of the local router is configured End 9 3 5 Configuring the MED Attribute The Multi_Exit Discriminator MED attribute serves as the metric used by an IGP After ...

Page 1081: ...tes with the same leftmost AS are grouped together and after comparison an optimal route is selected for the group The group optimal route is then compared with optimal routes from other groups to determine the final optimal route This mode of route selection ensures that the sequence in which routes are received is no longer relevant to the result of route selection l Run bestroute med none as ma...

Page 1082: ...isplayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run ipv6 family unicast The BGP IPv6 unicast address family view is displayed 4 Run nexthop recursive lookup route policy route policy name The next hop iteration based on the specified routing policy is enabled By default the next hop iteration based on the specified routing policy is disabled The next hop iteration base...

Page 1083: ...ackets in either of the following scenarios The AS_Path of a route contains the AS number of the peer In this case deleting the private AS numbers may lead to a routing loop The AS_Path list contains both public network AS numbers and private AS numbers indicating that the route has passed through the public network Deleting the private AS numbers may lead to a forwarding error To enable the devic...

Page 1084: ...umber of the peer the device replaces the AS number of the peer with the local AS number before advertising routes to the peer NOTICE If the configuration is incorrect the command may cause routing loops End 9 3 8 Configuring the BGP4 Community Attribute The community attribute is used to simplify the management of routing policies The management scope of the community attribute is far larger than...

Page 1085: ...y BGP peers advertise only the extended community attributes carried in routes to a specified peer or peer group and the peer route policy command cannot be used to modify the extended community attributes l Applying the Routing Policies to the Advertised Routing Information 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run ipv6 ...

Page 1086: ...ion about the routes matching the specified BGP4 community attribute filter End 9 4 Controlling the Advertising and Receiving of BGP4 Routing Information BGP4 can perform routing policies on or filter only the routes to be advertised to a certain peer 9 4 1 Before You Start Before controlling the advertisement of BGP4 routes familiarize yourself with the usage scenario complete the pre configurati...

Page 1087: ... half life of a reachable route half life of an unreachable route threshold for freeing suppressed routes threshold for suppressing routes and upper limit of the penalty 9 4 2 Configuring BGP4 to Advertise Local IPv6 Routes The local routes to be advertised must be in the local IP routing table You can use routing policies to control the routes to be advertised Procedure Step 1 Run system view The...

Page 1088: ...e IPv6 unicast address family view is displayed Step 4 Run aggregate ipv6 address prefix length as set attribute policy route policy name1 detail suppressed origin policy route policy name2 suppress policy route policy name3 Manual aggregation of routes is configured Manual aggregation is valid for the routing entries in the local BGP4 routing table For example if 9 3 1 64 does not exist in the BG...

Page 1089: ...ipv6 prefix name export protocol process id Imported routes are filtered After BGP4 filters the imported routes only the eligible routes are added to the BGP4 local routing table and advertised to BGP4 peers If protocol process id is specified the routes of the specific routing protocol are filtered If protocol process id is not specified all the local BGP routes to be advertised are filtered incl...

Page 1090: ...ther there are default routes in the routing table End 9 4 6 Configuring the Policy for Advertising BGP4 Routing Information After the policy for advertising routes is configured only the routes that match the policy can be added to the local BGP4 routing table and advertised to BGP4 peers Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot Th...

Page 1091: ...ly Step 5 Optional Run any of the following commands as required l Configure a basic ACL 1 Run quit Return to the BGP view 2 Run quit Return to the system view 3 Run acl ipv6 number acl6 number1 name acl name number acl number2 match order auto config The basic ACL view is displayed 4 Run rule rule id deny permit fragment source source ipv6 address prefix length source ipv6 address prefix length a...

Page 1092: ...er auto config The basic ACL view is displayed 2 Run rule rule id deny permit protocol source source ipv6 address prefix length source ipv6 address prefix length any time range time name A rule is configured for the advanced ACL When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or a...

Page 1093: ...ute policy name import BGP is configured to filter the routes imported from the specified peers l peer ipv4 address ipv6 address group name filter policy acl6 number acl6 name acl6 name import BGP is configured to filter the routes based on the ACL l peer ipv4 address ipv6 address group name as path filter as path filter number as path filter name import BGP is configured to filter the routes base...

Page 1094: ...atching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Route...

Page 1095: ...r Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a...

Page 1096: ...his command is run all the route updates of the specified peer are kept regardless of whether the filtering policies are used When the BGP connections are soft reset this information can be used to generate the BGP4 routes l Soft Resetting a BGP4 Connection Manually 1 Run refresh bgp ipv6 all ipv4 address ipv6 address group group name external internal export import A BGP4 connection is soft reset...

Page 1097: ...ified Hold time the BGP4 connection is considered as closed When a router sets up a BGP4 connection with its peer the router and the peer need negotiation with each other The Hold time after negotiation is the shorter one between the Hold time of the router and that of its peer If the negotiation result is 0 no Keepalive message is transmitted and whether the Hold timer expires is not detected If ...

Page 1098: ...es of BGP4 timers will interrupt the peer relationship Context NOTICE As the change of the timer with the peer timer command tears down the BGP peer relationship between routers Exercise caution when running this command Procedure l Configure BGP4 timers for all peers or peer groups 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 R...

Page 1099: ...cal device processes the Keepalive messages sent from other BGP peers The peer relationships are then interrupted and routes flap To solve the preceding problem you can configure an appropriate value for min holdtime min holdtime based on the CPU processing capability of the local device If the value of min holdtime is changed but the values of keepalive time and hold time negotiated between two B...

Page 1100: ...lain as number dot The BGP view is displayed Step 3 Run ipv6 family unicast The BGP IPv6 unicast address family view is displayed Step 4 Run peer ipv6 address route update interval interval The interval for sending update packets is set By default the update interval is 15 seconds for the IBGP peers and the update interval is 30 seconds for the EBGP peers End 9 5 4 Setting the BGP4 ConnectRetry In...

Page 1101: ...6 address timer connect retry connect retry time A ConnectRetry interval is set on a peer or peer group By default the ConnectRetry interval is 32s The ConnectRetry interval configured on a peer or peer group takes precedence over a global ConnectRetry interval End 9 5 5 Configuring the Rate at which BGP4 Updates Routes in Response to Non critical Iteration Changes You can configure the rate at wh...

Page 1102: ...lowing data No Data 1 Interval at which BGP updates routes in response to non critical iteration changes and the number of routes that are updated during the interval Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run ipv6 family unicast The IPv6 unicast address family view is displayed Step 4 Run nexthop ...

Page 1103: ...e l Run the display bgp ipv6 peer ipv4 address verbose command to check detailed information about the BGP4 peers l Run the display bgp ipv6 peer ipv6 address log info verbose command to check information about the BGP4 peers End Example Run the display bgp ipv6 peer ipv6 address verbose command in the system view You can view the configured Keepalive period holdtime ConnectRetry interval and inte...

Page 1104: ...tasks and obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment BFD can rapidly detect IPv6 forwarding failures By adopting the BFD fast detection mechanism an IPv6 network can transmit voice services video services and VoD services with high QoS This enables service provides to provide their customers with highly available and rel...

Page 1105: ... can fast detect the BGP4 route status A BFD session can be established only when two BGP4 peers are in the Established state Context Perform the following steps on BGP4 devices at the two ends of a link on which a BFD session needs to be set up Procedure Step 1 Run system view The system view is displayed Step 2 Run bfd Global BFD is enabled on the node Step 3 Run quit Back to the system view Ste...

Page 1106: ...receiving BFD packets Actual interval for the local device to receive BFD packets max Remotely configured interval for transmitting BFD packets Locally configured interval for receiving BFD packets and Local detection period Actual interval for receiving BFD packets x Remotely configured BFD detection multiplier For example l On the local device the configured interval for transmitting BFD packets...

Page 1107: ...k configuring BFD for BGP4 can fast detect the status of VPN BGP4 routes A BFD session can be established only when two BGP4 peers are in the Established state Context Perform the following steps on the BGP devices at the both ends of the link that needs to set up a BFD session Procedure Step 1 Run system view The system view is displayed Step 2 Run bfd Global BFD is enabled on the node Step 3 Run...

Page 1108: ...e to send BFD packets max Locally configured interval for transmitting BFD packets Remotely configured interval for receiving BFD packets Actual interval for the local device to receive BFD packets max Remotely configured interval for transmitting BFD packets Locally configured interval for receiving BFD packets and Local detection period Actual interval for receiving BFD packets x Remotely config...

Page 1109: ... BFD for BGP4 has been configured Procedure l Run the display bgp ipv6 bfd session vpnv6 vpn instance vpn instance name peer ipv6 address all command to check the BFD sessions established by BGP4 l Run the display bgp vpnv6 vpn instance vpn instance name peer ipv6 address verbose command to check BGP4 peers l Run the display bgp ipv6 group group name command to check BGP peer groups l Run the disp...

Page 1110: ...guring basic BGP4 functions Data Preparation To configure BGP4 peer tracking you need the following data No Data 1 Optional Delay for tearing down a connection 9 7 2 Enabling BGP4 Peer Tracking Easy to deploy BGP4 peer tracking can speed up network convergence and adjust the interval between a peer s being discovered unreachable and the connection s being torn down Procedure Step 1 Run system view...

Page 1111: ...P peer or peer group Prerequisite All BGP4 peer tracking configurations are complete Checking the Configurations Run the following commands to check the previous configuration l Run the display bgp ipv6 peer ipv6 address verbose command to check information about the BGP4 peer l Run the display bgp ipv6 group group name command to check information about the BGP4 peer group 9 8 Configuring BGP4 Ro...

Page 1112: ...m view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run ipv6 family unicast The BGP IPv6 unicast address family view is displayed Step 4 Run dampening half life reach reuse suppress ceiling route policy route policy name The parameters are configured for BGP4 route dampening End 9 8 3 Checking the Configurations After BGP4 route dampening is configured...

Page 1113: ...licies to allow traffic to be balanced For example use a routing policy to modify the Local_Pref AS_Path Origin and Multi_Exit Discriminator MED attributes of BGP routes to direct traffic to different forwarding paths for load balancing For details on how to modify attributes of BGP routes see Configuring BGP4 Route Attributes l Use multiple paths for load balancing In this method multiple equal c...

Page 1114: ...tion addresses carry out load balancing on the public network the system determines the type of optimal routes first If the optimal routes are IBGP routes only IBGP routes carry out load balancing If the optimal routes are EBGP routes only EBGP routes carry out load balancing This means that load balancing cannot be implemented among IBGP and EBGP routes with the same destination address Step 5 Op...

Page 1115: ...urations l Run the display bgp ipv6 routing table ipv6 address prefix length command to check routing information in an IPv6 BGP routing table l Run the display ipv6 routing table verbose command to view the IPv6 routing table Display the routing information in an IPv6 BGP routing table HUAWEI display ipv6 routing table vpn instance vpn1 BGP Local router ID is 1 1 1 1 Status codes valid best d dam...

Page 1116: ...en 10 NextHop LocPrf MED 0 PrefVal 0 Label Path Ogn Display the routing information in the IPv6 routing table HUAWEI display ipv6 routing table Routing Table Public Destinations 9 Routes 12 Destination 1 PrefixLength 128 NextHop 1 Preference 0 Cost 0 Protocol Direct RelayNextHop TunnelID 0x0 Interface InLoopBack0 Flags D Destination 2001 db8 1 1 PrefixLength 128 NextHop 2001 db8 2001 2 Preference ...

Page 1117: ... Destination 2001 db8 2003 PrefixLength 64 NextHop 2001 db8 2002 2 Preference 255 Cost 0 Protocol EBGP RelayNextHop TunnelID 0x0 Interface Pos1 0 1 Flags D Destination 2001 db8 2004 PrefixLength 64 NextHop 2001 db8 2001 2 Preference 255 Cost 0 Protocol EBGP RelayNextHop TunnelID 0x0 Interface Pos1 0 0 Flags D Destination 2001 db8 2004 PrefixLength 64 NextHop 2001 db8 2002 2 Preference 255 Cost 0 P...

Page 1118: ...s performed according to the position of the peers in the same external AS Pre configuration Tasks Before configuring a BGP4 peer group complete the following task l Configuring Basic BGP4 Functions Data Preparation To configure a BGP4 peer group you need the following data No Data 1 Type name of the peer group and the member peers 9 10 2 Creating an IBGP Peer Group When BGP4 has multiple IBGP pee...

Page 1119: ...up to simplify the management of routing policies All the peers in a pure EBGP peer group must have the same AS number Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run group group name external A pure EBGP peer group is configured Step 4 Run peer group name as number as number plain as number dot The AS ...

Page 1120: ...ecify the AS number for each peer Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run group group name external A mixed EBGP peer group is created Step 4 Run peer ipv6 address as number as number plain as number dot The AS number of the IPv6 peer is set Step 5 Run ipv6 family unicast The BGP IPv6 unicast ad...

Page 1121: ...4 route reflector RR familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment To ensure the connectivity between IBGP peers inside an AS you need to establish full meshed IBGP peers When there are many IBGP peers establishing a full meshed network co...

Page 1122: ...ctor In addition this command specifies the peers that serve as its clients End 9 11 3 Optional Disabling a Route Reflection Between Clients If the clients of a route reflector are fully meshed you can disable route reflection between clients to reduce the cost Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step ...

Page 1123: ...there are multiple route reflectors in a cluster you can use the command to configure all the route reflectors in this cluster with the same cluster ID This avoids routing loops End 9 11 5 Optional Preventing BGP4 Routes from Being Added into the IPv6 Routing Table Disabling BGP4 route delivery to the IPv6 routing table on a route reflector RR can prevent traffic from being forwarded by the RR imp...

Page 1124: ...elivered to the IPv6 routing table and routes not matching the policy are delivered to the IPv6 routing table with the route attributes unchanged NOTE The routing table rib only command and the active route advertise command are mutually exclusive End 9 11 6 Optional Enabling the RR to Modify the Route Attributes Using the Export Policy You can enable the route reflector RR to modify the route att...

Page 1125: ...ibutes of BGP4 routes l Run the apply cost command to modify the cost of BGP4 routes that is to modify its Multi_Exit Discriminator MED l Run the apply ipv6 next hop command to modify the next hop of BGP4 routes l Run the apply local preference command to modify the local preference of BGP4 routes l Run the apply origin command to modify the Origin attributes of BGP4 routes l Run the apply extcomm...

Page 1126: ...mplete the configuration task quickly and accurately Applicable Environment The confederation is a method of handling the abrupt increase of IBGP connections in an AS The confederation divides an AS into multiple sub ASs In each sub AS IBGP peers can be full meshed or be configured with a route reflector EBGP connections are set up between sub ASs Pre configuration Tasks Before configuring a BGP4 ...

Page 1127: ...mbers and the new speaker with 4 byte AS numbers cannot exist in the same confederation Otherwise routing loops may occur because AS4_Path does not support confederations l Configuring the Compatibility of a Confederation 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run confederation nonstandard The compatibility of the confeder...

Page 1128: ...BGP and implements IPv6 interworking through tunnels between PEs Pre configuration Tasks Before configuring BGP4 6PE complete the following task l Establishing BGP4 peer relationship between PEs and CEs l Establishing tunnels between PEs NOTE MPLS label switched paths LSPs MPLS Local IFNET tunnels MPLS TE tunnels and GRE tunnels are often used between PEs to transmit IPv6 packets By default a PE u...

Page 1129: ...t needs to be configured with 6PE are specified Step 4 Run ipv6 family unicast The BGP IPv6 unicast address family view is displayed Step 5 Run peer ipv4 address enable A 6PE peer is configured in the IPv6 unicast address family view Step 6 Run peer ipv4 address label route capability The capability of sending labeled routes is enabled End 9 13 3 Optional Enabling 6PE Routes Sharing the Explicit N...

Page 1130: ...ly label explicit null All 6PE routes to be sent to the same 6PE peer share the explicit null label If you run this command after a 6PE peer relationship is established temporary packet loss occurs End 9 13 4 Checking the Configurations After BGP4 IPv6 Provider Edge 6PE is configured you can check BGP4 6PE peer information Prerequisites BGP4 6PE has been configured Procedure l Run the display bgp ...

Page 1131: ... at different locations using MPLS tunnels on an existing IPv4 network Separate IPv6 networks can be connected using multiple tunneling techniques 6PE implements IPv4 IPv6 dual stack on service provider PEs and uses MP BGP to assign labels to IPv6 routes enabling IPv6 networks to communicate over tunnels between PEs In practical application different metropolitan area networks MANs of a service pr...

Page 1132: ...NET tunnels MPLS TE tunnels or GRE tunnels with PEs or other ASBRs By default a PE or an ASBR uses an MPLS LSP to transmit IPv6 packets If you want a PE or an ASBR to transmit IPv6 packets over an MPLS TE or a GRE tunnel run the tunnel selector command in the system view to configure a tunnel selector on the PE or ASBR and run the tunnel selector command in the BGP view to apply the tunnel selecto...

Page 1133: ...PEs to re allocate labels and cause temporary packet loss By default each 6PE route is assigned a label The number of required labels is proportionate to the number of 6PE routes to be sent to the 6PE peer If a large number of 6PE routes are to be sent a large number of labels are required After 6PE routes to be sent to the same 6PE peer are configured to share the same explicit null label all the...

Page 1134: ... view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run peer ipv4 address as number as number plain as number dot The IP address and AS number of the 6PE peer are specified A PE only needs to establish an IBGP peer relationship with the ASBR in the same AS An ASBR must establish an IBGP peer relationship with the PE in the same AS and an EBGP peer relat...

Page 1135: ...blic network BGP route from the peer ASBR assigns a label to this route and advertises this route to its IBGP peer a PE in the same AS Then a complete LSP is established between the ingress and egress PEs on the public network For more information see Configuring Inter AS VPN OptionC Solution 1 in NE80E 40E Configuration Guide VPN l Solution 2 The IBGP peer relationship between the PE and ASBR in ...

Page 1136: ...The function to send labeled routes is enabled Step 8 Optional Run apply label explicit null 6PE routes to be sent to the same 6PE peer are configured to share the same explicit null label NOTE If a 6PE peer relationship has been established running this command will trigger PEs to re allocate labels and cause temporary packet loss By default each 6PE route is assigned a label The number of requir...

Page 1137: ...mber of peers 2 Peers in established state 2 Peer V AS MsgRcvd MsgSent OutQ Up Down State PrefRcv 5 5 5 5 4 200 38 39 0 00 34 02 Established 1 2001 db8 1 1 4 300 27 41 0 00 24 54 Established 1 Run the display ipv6 routing table command on each CE The command output shows the IPv6 routes received from the peer CE Display IPv6 route information CE display ipv6 routing table Routing Table Public Dest...

Page 1138: ...GP4 IPv6 Provider Edge 6PE FRR familiarize yourself with the usage scenario pre configuration tasks and required data This can help you complete the configuration task quickly and accurately Applicable Environment 6PE services are sensitive to the packet loss and delay If high requirements are imposed on the reliability of the IPv4 MPLS network that carries the 6PE services you can enable 6PE FRR ...

Page 1139: ...rimary route between PEs becomes unreachable the traffic can be quickly redirected to the backup next hop Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run ipv6 family unicast The BGP IPv6 unicast address family view is displayed Step 4 Run auto frr The 6PE FRR function is enabled The function of the auto...

Page 1140: ...ate packets is configured An appropriate delay ensures that traffic switches back to the primary path after the intermediate device on the primary path completes refreshing forwarding entries The delay value value is an integer ranging from 0 to 3600 in seconds The default delay value value is 0 indicating that the intermediate device on the primary path sends Update packets without a delay The de...

Page 1141: ...0x3 9 16 Configuring BGP4 Security To improve BGP4 security you can perform TCP connection authentication 9 16 1 Before You Start Before configuring BGP4 network security familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment l BGP4 authentication ...

Page 1142: ...pports BGP4 GTSM l GTSM supports only unicast addresses therefore GTSM needs to be configured on all the routers configured with routing protocols Pre configuration Tasks Before configuring BGP4 security complete the following task l Configuring Basic BGP4 Functions Data Preparation Before configure BGP4 security you need the following data No Data 1 BGP4 peer address or name of the peer group of ...

Page 1143: ...4 peers and BGP4 messages cannot be exchanged Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is displayed Step 3 Run peer ipv6 address group name keychain keychain name The Keychain authentication is configured You must configure Keychain authentication on both BGP peers Note that encryption algorithms and passwords configure...

Page 1144: ...roup After the BGP4 GTSM policy is configured an interface board checks the TTL values of all BGP4 packets According to the actual networking requirements you can configure GTSM to discard or process the packets that do not match the GTSM policy If you configure GTSM to discard the packets that do not match the GTSM policy by default you can configure the range of finite TTL values according to th...

Page 1145: ...he total number of OSPF packets the number of packets that match the GTSM policy and the number of discarded packets l Run the display bgp ipv6 peer ipv6 address verbose command to check information about BGP4 GTSM l Run the display bgp group group name command to check GTSM of a BGP4 peer group End 9 17 Maintaining BGP4 Maintaining BGP4 involves resetting a BGP4 connection and clearing BGP4 stati...

Page 1146: ...ll the BGP4 connections l To validate the new configuration run the reset bgp ipv6 as number plain as number dot graceful command in the user view to reset the BGP 4 connections between the peers in a specified AS l To validate the new configuration run the reset bgp ipv6 ipv4 address ipv6 address group group name graceful command in the user view to reset the BGP 4 connections with the specified ...

Page 1147: ...this document 9 18 1 Example for Configuring Basic BGP4 Functions Before building BGP4 networks you need to configure basic BGP4 functions Networking Requirement As shown in Figure 9 1 there are two ASs 65008 and 65009 Router A belongs to AS 65008 Router B Router C and Router D belong to AS65009 BGP4 is required to exchange the routing information between the two ASs Figure 9 1 Networking diagram ...

Page 1148: ...erB bgp af ipv6 network 2001 db8 3 64 RouterB bgp af ipv6 quit RouterB bgp quit Configure Router C RouterC ipv6 RouterC bgp 65009 RouterC bgp router id 3 3 3 3 RouterC bgp peer 2001 db8 3 1 as number 65009 RouterC bgp peer 2001 db8 2 2 as number 65009 RouterC bgp ipv6 family unicast RouterC bgp af ipv6 peer 2001 db8 3 1 enable RouterC bgp af ipv6 peer 2001 db8 2 2 enable RouterC bgp af ipv6 networ...

Page 1149: ...e PrefRcv 2001 db8 1 2 4 65009 8 9 0 00 05 37 Established 2 2001 db8 3 2 4 65009 2 2 0 00 00 09 Established 2 2001 db8 10 2 4 65008 9 7 0 00 05 38 Established 2 The routing table shows that Router B has set up BGP4 connections with other routers Display the routing table of Router A RouterA display bgp ipv6 routing table BGP Local router ID is 1 1 1 1 Status codes valid best d damped h history i i...

Page 1150: ...enable ipv6 address 2001 db8 10 2 64 bgp 65008 router id 1 1 1 1 peer 2001 db8 10 1 as number 65009 ipv4 family unicast undo synchronization ipv6 family unicast network 2001 db8 8 64 network 2001 db8 10 64 peer 2001 db8 10 1 enable return l Configuration file of Router B sysname RouterB ipv6 interface Pos1 0 0 link protocol ppp ipv6 enable ipv6 address 2001 db8 1 1 64 interface Pos2 0 0 link proto...

Page 1151: ... 64 interface Pos3 0 0 link protocol ppp ipv6 enable ipv6 address 2001 db8 3 2 64 bgp 65009 router id 3 3 3 3 peer 2001 db8 3 1 as number 65009 peer 2001 db8 2 2 as number 65009 ipv4 family unicast undo synchronization ipv6 family unicast network 2001 db8 2 64 network 2001 db8 3 64 peer 2001 db8 3 1 enable peer 2001 db8 2 2 enable return l Configuration file of Router D sysname RouterD ipv6 interf...

Page 1152: ...r B and Router D need not set up an IBGP connection When Router C receives the route update packet from Router B it reflects the information to Router D Similarly when Router C receives the route update packet from Router D it reflects the information to Router B Figure 9 2 Networking diagram of configuring BGP4 route reflection GE1 0 0 2001 db8 1 1 64 GE2 0 0 2001 db8 100 1 96 GE2 0 0 2001 db8 10...

Page 1153: ...uterB bgp 200 RouterB bgp router id 2 2 2 2 RouterB bgp peer 2001 db8 100 1 as number 100 RouterB bgp peer 2001 db8 101 1 as number 200 RouterB bgp ipv6 family unicast RouterB bgp af ipv6 peer 2001 db8 100 1 enable RouterB bgp af ipv6 peer 2001 db8 101 1 enable RouterB bgp af ipv6 network 2001 db8 100 96 RouterB bgp af ipv6 network 2001 db8 101 96 RouterB bgp af ipv6 quit RouterB bgp quit Configur...

Page 1154: ...xtHop 2001 db8 100 1 LocPrf MED 0 PrefVal 0 Label Path Ogn 100 i Network 2001 db8 100 PrefixLen 96 NextHop LocPrf MED 0 PrefVal 0 Label Path Ogn i NextHop 2001 db8 100 1 LocPrf MED 0 PrefVal 0 Label Path Ogn 100 i Network 2001 db8 101 PrefixLen 96 NextHop LocPrf MED 0 PrefVal 0 Label Path Ogn i i NextHop 2001 db8 101 1 LocPrf 100 MED 0 PrefVal 0 Label Path Ogn i i Network 2001 db8 102 PrefixLen 96...

Page 1155: ...rtised by Router A from Router C End Configuration Files l Configuration file of Router A sysname RouterA ipv6 interface GigabitEthernet1 0 0 ipv6 enable ipv6 address 2001 db8 1 1 64 interface GigabitEthernet2 0 0 ipv6 enable ipv6 address 2001 db8 100 1 96 bgp 100 router id 1 1 1 1 peer 2001 db8 100 2 as number 200 ipv6 family unicast undo synchronization network 2001 db8 1 64 network 2001 db8 100...

Page 1156: ...1 db8 101 1 96 bgp 200 router id 3 3 3 3 peer 2001 db8 101 2 as number 200 peer 2001 db8 102 2 as number 200 ipv6 family unicast undo synchronization network 2001 db8 101 96 network 2001 db8 102 96 peer 2001 db8 101 2 enable peer 2001 db8 101 2 reflect client peer 2001 db8 102 2 enable peer 2001 db8 102 2 reflect client return l Configuration file of Router D sysname RouterD ipv6 interface Gigabit...

Page 1157: ... session between Router A and Router B When the link between Router A and Router B fails BFD can rapidly detect the failure and notify BGP of the failure Traffic is transmitted on the standby link Figure 9 3 Networking diagram of configuring BFD for BGP4 GE3 0 0 2001 db8 7 1 64 GE1 0 0 2001 db8 8 1 64 GE2 0 0 2001 db8 10 1 64 GE2 0 0 2001 db8 8 2 64 RouterB GE1 0 0 2001 db8 9 1 1 64 AS 200 GE1 0 0...

Page 1158: ... RouterA bgp af ipv6 quit RouterA bgp quit Configure Router B RouterB bgp 200 RouterB bgp router id 2 2 2 2 RouterB bgp peer 2001 db8 8 1 as number 100 RouterB bgp peer 2001 db8 9 1 2 as number 200 RouterB bgp ipv6 family unicast RouterB bgp af ipv6 peer 2001 db8 8 1 enable RouterB bgp af ipv6 peer 2001 db8 9 1 2 enable RouterB bgp af ipv6 network 2001 db8 7 1 64 RouterB bgp af ipv6 quit RouterB b...

Page 1159: ...splay bgp ipv6 routing table BGP Local router ID is 1 1 1 1 Status codes valid best d damped h history i internal s suppressed S Stale Origin i IGP e EGP incomplete Total Number of Routes 2 Network 2001 db8 7 PrefixLen 64 NextHop 2001 db8 8 2 LocPrf MED 100 PrefVal 0 Label Path Ogn 200 i NextHop 2001 db8 10 2 LocPrf MED 150 PrefVal 0 Label Path Ogn 200 i As shown in the BGP routing table the next ...

Page 1160: ... interval m 0 Step 5 Verify the Configuration Run the shutdown command on GE 2 0 0 of Router B to simulate the active link failure RouterB interface gigabitethernet 2 0 0 RouterB Gigabitethernet2 0 0 shutdown Step 6 Display the routing table on Router A RouterA display bgp ipv6 routing table BGP Local router ID is 1 1 1 1 Status codes valid best d damped h history i internal s suppressed S Stale O...

Page 1161: ...hronization peer 2001 db8 8 2 enable peer 2001 db8 10 2 enable return l Configuration file of Router B sysname RouterB sysname RouterB ipv6 bfd interface interface GigabitEthernet2 0 0 shutdown ipv6 enable ipv6 address 2001 db8 8 2 64 interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 9 1 1 64 interface GigabitEthernet3 0 0 undo shutdown ipv6 enable ipv6 address 2001 db...

Page 1162: ...t2 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 10 2 64 interface LoopBack0 ip address 3 3 3 3 255 255 255 255 bgp 200 router id 3 3 3 3 peer 2001 db8 9 1 1 as number 200 peer 2001 db8 10 1 as number 100 ipv4 family unicast undo synchronization ipv6 family unicast undo synchronization peer 2001 db8 9 1 1 enable peer 2001 db8 10 1 enable peer 2001 db8 10 1 route policy 10 export route policy...

Page 1163: ...1 0 0 2001 db8 2 1 64 Configuration Roadmap The configuration roadmap is as follows 1 Configure OSPF on PE1 and PE2 to make them learn loopback interface addresses from each other 2 Configure BGP4 between CE1 and PE1 and between PE2 and CE2 3 Configure MPLS on PE1 and PE2 and set up the LSP 4 Configure 6PE on PE1 and PE2 Data Preparation To complete the configuration you need the following data l ...

Page 1164: ...r 2001 db8 2 2 as number 200 CE2 bgp ipv6 family unicast CE2 bgp af ipv6 peer 2001 db8 2 2 enable CE2 bgp af ipv6 network 2001 db8 6 6 64 CE2 bgp af ipv6 quit CE2 bgp quit Check whether the neighbor relationship is set up on PE1 and PE2 PE1 display bgp ipv6 peer BGP local router ID 2 2 2 2 Local AS number 200 Total number of peers 1 Peers in established state 1 Peer V AS MsgRcvd MsgSent OutQ Up Do...

Page 1165: ...e OutInterface Vrf Name Step 5 Configure 6PE Configure PE1 PE1 bgp 200 PE1 bgp peer 3 3 3 3 as number 200 PE1 bgp peer 3 3 3 3 connect interface LoopBack0 PE1 bgp ipv6 family unicast PE1 bgp af ipv6 peer 3 3 3 3 enable PE1 bgp af ipv6 peer 3 3 3 3 label route capability PE1 bgp af ipv6 import route direct PE1 bgp af ipv6 quit PE1 bgp quit Configure PE2 PE2 bgp 200 PE2 bgp peer 2 2 2 2 as number 20...

Page 1166: ...yNextHop TunnelID 0x0 Interface Pos1 0 0 Flags D Destination 2001 db8 1 1 PrefixLength 128 NextHop 1 Preference 0 Cost 0 Protocol Direct RelayNextHop TunnelID 0x0 Interface Pos1 0 0 Flags D Destination 2001 db8 2 PrefixLength 64 NextHop 2001 db8 1 2 Preference 255 Cost 0 Protocol EBGP RelayNextHop TunnelID 0x0 Interface Pos1 0 0 Flags D Destination 2001 db8 5 PrefixLength 64 NextHop 2001 db8 5 5 P...

Page 1167: ... packet loss round trip min avg max 60 80 90 ms From the preceding display you can view that 6PE connects the separated IPv6 networks and realizes interworking End Configuration Files l Configuration file of CE1 sysname CE1 ipv6 interface Pos1 0 0 link protocol ppp ipv6 enable ipv6 address 2001 db8 1 1 64 interface LoopBack0 ip address 1 1 1 1 255 255 255 255 interface LoopBack1 ipv6 enable ipv6 a...

Page 1168: ...ast undo synchronization import route direct peer 3 3 3 3 enable peer 3 3 3 3 label route capability peer 2001 db8 1 1 enable ospf 1 area 0 0 0 0 network 2 2 2 2 0 0 0 0 network 20 0 0 0 0 0 0 3 return l Configuration file of PE2 sysname PE2 ipv6 mpls lsr id 3 3 3 3 mpls mpls ldp interface Pos2 0 0 link protocol ppp ip address 20 0 0 2 255 255 255 252 mpls mpls ldp interface Pos1 0 0 link protocol...

Page 1169: ...opBack0 ip address 4 4 4 4 255 255 255 255 interface LoopBack1 ipv6 enable ipv6 address 2001 db8 6 6 64 bgp 300 peer 2001 db8 2 2 as number 200 ipv4 family unicast undo synchronization ipv6 family unicast undo synchronization network 2001 db8 6 64 peer 2001 db8 2 2 enable return 9 18 5 Example for Configuring Inter AS 6PE OptionB with ASBRs as PEs This section provides an example of how to configu...

Page 1170: ...Es ASBR2 AS 200 ASBR1 AS 100 GE1 0 0 2001 db8 1 2 64 GE1 0 1 20 1 1 1 24 GE1 0 2 20 1 1 2 24 GE1 0 0 2001 db8 2 2 64 CE1 CE2 GE1 0 0 2001 db8 1 1 64 GE1 0 0 2001 db8 2 1 64 Loopback1 2001 db8 5 5 64 Loopback1 2001 db8 6 6 64 AS 400 AS 300 Configuration Roadmap The configuration roadmap is as follows 1 Enable MPLS globally and on the interfaces between ASBR1 and ASBR2 to ensure that ASBRs can use M...

Page 1171: ...BR1 bgp peer 20 1 1 2 as number 200 ASBR1 bgp ipv6 family unicast ASBR1 bgp af ipv6 peer 20 1 1 2 enable ASBR1 bgp af ipv6 peer 20 1 1 2 label route capability ASBR1 bgp af ipv6 quit ASBR1 bgp quit Configure ASBR2 ASBR2 bgp 200 ASBR2 bgp peer 20 1 1 1 as number 100 ASBR2 bgp ipv6 family unicast ASBR2 bgp af ipv6 peer 20 1 1 1 enable ASBR2 bgp af ipv6 peer 20 1 1 1 label route capability ASBR2 bgp ...

Page 1172: ...tionships have been established ASBR1 display bgp ipv6 peer BGP local router ID 20 1 1 1 Local AS number 100 Total number of peers 2 Peers in established state 2 Peer V AS MsgRcvd MsgSent OutQ Up Down State PrefRcv 20 1 1 2 4 200 8 8 0 00 05 01 Established 1 2001 db8 1 1 4 300 818 821 0 13 35 29 Established 1 ASBR2 display bgp ipv6 peer BGP local router ID 2 2 2 2 Local AS number 200 Total number ...

Page 1173: ...NextHop 2001 db8 1 2 Preference 255 Cost 0 Protocol EBGP RelayNextHop TunnelID 0x0 Interface GigabitEthernet1 0 0 Flags D Destination FE80 PrefixLength 10 NextHop Preference 0 Cost 0 Protocol Direct RelayNextHop TunnelID 0x0 Interface NULL0 Flags D Ping the Loopback1 interface of CE2 from CE1 The command output shows that the Loopback1 interface of CE2 can be pinged CE1 ping ipv6 a 2001 db8 5 5 20...

Page 1174: ...le sysname ASBR1 ipv6 mpls lsr id 1 1 1 1 mpls interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 1 2 64 interface GigabitEthernet1 0 1 undo shutdown ip address 20 1 1 1 255 255 255 0 mpls interface LoopBack1 ip address 1 1 1 1 255 255 255 255 bgp 100 peer 20 1 1 2 as number 200 peer 2001 db8 1 1 as number 300 ipv4 family unicast undo synchronization peer 20 1 1 2 enabl...

Page 1175: ...ion peer 20 1 1 1 enable ipv6 family unicast undo synchronization peer 20 1 1 1 enable peer 20 1 1 1 label route capability peer 2001 db8 2 1 enable return l CE2 configuration file sysname CE2 ipv6 interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 2 1 64 interface LoopBack1 ipv6 enable ipv6 address 2001 db8 6 6 64 bgp 400 router id 4 4 4 4 peer 2001 db8 2 2 as number 2...

Page 1176: ...established between PE1 and ASBR1 between PE2 and ASBR2 and between ASBR1 and ASBR2 BGP4 runs between CE1 and PE1 and between PE2 and CE2 IBGP runs between PE1 and ASBR1 and between PE2 and ASBR2 EBGP runs between ASBR1 and ASBR2 An MPLS tunnel has been established between PE1 and PE2 Figure 9 6 Networking diagram for inter AS 6PE OptionB PE2 ASBR2 AS 200 ASBR1 PE1 AS 100 GE1 0 0 2001 db8 1 2 64 L...

Page 1177: ...and assign an IP address to each interface as shown in Figure 9 6 For more information about the configuration see the following configuration files Step 2 Configure an IGP on the MPLS backbone networks of AS 100 and AS 200 so that the PEs and ASBRs on each MPLS backbone network can communicate with each other This section uses OSPF as an example For more information about the configuration see th...

Page 1178: ...ions on ASBR2 and enable LDP on the interface connected to PE2 ASBR2 mpls lsr id 4 4 4 4 ASBR2 mpls ASBR2 mpls quit ASBR2 mpls ldp ASBR2 mpls ldp quit ASBR2 interface gigabitethernet 1 0 1 ASBR2 GigabitEthernet1 0 1 mpls ASBR2 GigabitEthernet1 0 1 mpls ldp ASBR2 GigabitEthernet1 0 1 quit Configure basic MPLS functions on PE2 and enable LDP on the interface connected to ASBR2 PE2 mpls lsr id 5 5 5 ...

Page 1179: ...E1 bgp af ipv6 peer 3 3 3 3 label route capability PE1 bgp af ipv6 quit PE1 bgp quit Configure ASBR1 ASBR1 bgp 100 ASBR1 bgp peer 2 2 2 2 as number 100 ASBR1 bgp peer 2 2 2 2 connect interface LoopBack 1 ASBR1 bgp ipv6 family unicast ASBR1 bgp af ipv6 peer 2 2 2 2 enable ASBR1 bgp af ipv6 peer 2 2 2 2 label route capability ASBR1 bgp af ipv6 quit ASBR1 bgp quit 2 Configure PE2 and ASBR2 Configure ...

Page 1180: ...BR2 bgp quit Step 5 Configure CE1 to communicate with PE1 and CE2 to communicate with PE2 Configure CE1 CE1 ipv6 CE1 bgp 300 CE1 bgp router id 1 1 1 1 CE1 bgp peer 2001 db8 1 2 as number 100 CE1 bgp ipv6 family unicast CE1 bgp af ipv6 peer 2001 db8 1 2 enable CE1 bgp af ipv6 network 2001 db8 5 64 CE1 bgp af ipv6 quit CE1 bgp quit Configure PE1 PE1 ipv6 PE1 bgp 100 PE1 bgp peer 2001 db8 1 1 as numb...

Page 1181: ...shed 1 2001 db8 2 1 4 400 1227 1243 0 20 24 20 Established 1 Step 6 Check the configurations Run the display ipv6 routing table command on each CE The command output shows that the two CEs have learned the routes to each other s Loopback1 interface The following example uses the display on CE1 CE1 display ipv6 routing table Routing Table Public Destinations 7 Routes 7 Destination 1 PrefixLength 12...

Page 1182: ...6 data bytes press CTRL_C to break Reply from 2001 db8 6 6 bytes 56 Sequence 1 hop limit 60 time 110 ms Reply from 2001 db8 6 6 bytes 56 Sequence 2 hop limit 60 time 90 ms Reply from 2001 db8 6 6 bytes 56 Sequence 3 hop limit 60 time 110 ms Reply from 2001 db8 6 6 bytes 56 Sequence 4 hop limit 60 time 130 ms Reply from 2001 db8 6 6 bytes 56 Sequence 5 hop limit 60 time 140 ms 2001 db8 6 6 ping sta...

Page 1183: ... 255 bgp 100 peer 3 3 3 3 as number 100 peer 3 3 3 3 connect interface LoopBack1 peer 2001 db8 1 1 as number 300 ipv4 family unicast undo synchronization peer 3 3 3 3 enable ipv6 family unicast undo synchronization peer 3 3 3 3 enable peer 3 3 3 3 label route capability peer 2001 db8 1 1 enable ospf 1 area 0 0 0 0 network 2 2 2 2 0 0 0 0 network 20 1 1 0 0 0 0 255 return l ASBR1 configuration file...

Page 1184: ... 1 1 2 enable peer 192 1 1 2 label route capability ospf 1 area 0 0 0 0 network 3 3 3 3 0 0 0 0 network 20 1 1 0 0 0 0 255 return l ASBR2 configuration file sysname ASBR2 ipv6 mpls lsr id 4 4 4 4 mpls mpls ldp interface GigabitEthernet1 0 0 undo shutdown ip address 192 1 1 2 255 255 255 0 mpls interface GigabitEthernet1 0 1 undo shutdown ip address 20 1 2 1 255 255 255 0 mpls mpls ldp interface Lo...

Page 1185: ...ce GigabitEthernet1 0 1 undo shutdown ip address 20 1 2 2 255 255 255 0 mpls mpls ldp interface LoopBack1 ip address 5 5 5 5 255 255 255 255 bgp 200 peer 4 4 4 4 as number 200 peer 4 4 4 4 connect interface LoopBack1 peer 2001 db8 2 1 as number 400 ipv4 family unicast undo synchronization peer 4 4 4 4 enable ipv6 family unicast undo synchronization peer 4 4 4 4 enable peer 4 4 4 4 label route capa...

Page 1186: ...ect to different ASs deploy 6PE for the IPv6 networks to communicate In practical application different inter AS 6PE solutions are provided for separate IPv6 networks that connect to multiple ASs depending on the types of links between the PEs of the ASs If inter AS OptionC tunnels are established between PEs use the inter AS 6PE OptionC solution As shown in Figure 9 7 an IPv6 link is established ...

Page 1187: ...s can be established in each AS 3 Configure a BGP LSP between PE1 and PE2 l Configure a routing policy on each ASBR Configure a routing policy on each ASBR After receiving a loopback route from a PE in the same AS an ASBR assigns an MPLS label to the route when advertising this route to the remote ASBR An ASBR assigns new MPLS labels to labeled IPv4 routes when advertising the routes to the PE in ...

Page 1188: ...the configuration see the following configuration files Step 2 Configure an IGP on the MPLS backbone networks of AS 100 and AS 200 so that the PEs and ASBRs on each MPLS backbone network can communicate with each other The following example uses OSPF as the IGP The detailed configurations are not provided here NOTE When configuring the IGP configure OSPF to advertise the 32 bit loopback interface ...

Page 1189: ...s on ASBR2 and enable LDP on the interface connected to PE2 ASBR2 mpls lsr id 4 4 4 4 ASBR2 mpls ASBR2 mpls quit ASBR2 mpls ldp ASBR2 mpls ldp quit ASBR2 interface gigabitethernet 1 0 1 ASBR2 GigabitEthernet1 0 1 mpls ASBR2 GigabitEthernet1 0 1 mpls ldp ASBR2 GigabitEthernet1 0 1 quit Configure basic MPLS functions on PE2 and enable LDP on the interface connected to ASBR2 PE2 mpls lsr id 5 5 5 5 P...

Page 1190: ...2 as number 100 ASBR1 bgp peer 2 2 2 2 connect interface loopback 1 ASBR1 bgp quit Establish an MP IBGP peer relationship between PE2 and ASBR2 PE2 bgp 200 PE2 bgp peer 4 4 4 4 as number 200 PE2 bgp peer 4 4 4 4 connect interface loopback 1 PE2 bgp quit Establish an MP IBGP peer relationship between PE2 and ASBR2 ASBR2 bgp 200 ASBR2 bgp peer 5 5 5 5 as number 200 ASBR2 bgp peer 5 5 5 5 connect int...

Page 1191: ...lowing configuration files Step 6 Establish a 6PE peer relationship between PE1 and PE2 Configure PE1 PE1 bgp 100 PE1 bgp peer 5 5 5 5 as number 200 PE1 bgp peer 5 5 5 5 connect interface LoopBack 1 PE1 bgp peer 5 5 5 5 ebgp max hop PE1 bgp ipv6 family unicast PE1 bgp af ipv6 peer 5 5 5 5 enable PE1 bgp af ipv6 peer 5 5 5 5 label route capability PE1 bgp af ipv6 quit PE1 bgp quit Configure PE2 PE2...

Page 1192: ... PE1 and PE2 The command output shows that the BGP4 peer relationship has been established PE1 display bgp ipv6 peer BGP local router ID 2 2 2 2 Local AS number 100 Total number of peers 2 Peers in established state 2 Peer V AS MsgRcvd MsgSent OutQ Up Down State PrefRcv 5 5 5 5 4 200 38 39 0 00 34 02 Established 1 2001 db8 1 1 4 300 27 41 0 00 24 54 Established 1 PE2 display bgp ipv6 peer BGP loca...

Page 1193: ...0 Protocol Direct RelayNextHop TunnelID 0x0 Interface LoopBack1 Flags D Destination 2001 db8 6 PrefixLength 64 NextHop 2001 db8 1 2 Preference 255 Cost 0 Protocol EBGP RelayNextHop TunnelID 0x0 Interface GigabitEthernet1 0 0 Flags D Destination FE80 PrefixLength 10 NextHop Preference 0 Cost 0 Protocol Direct RelayNextHop TunnelID 0x0 Interface NULL0 Flags D Ping the Loopback1 interface of CE2 from...

Page 1194: ...work 2001 db8 5 64 peer 2001 db8 1 2 enable return l PE1 configuration file sysname PE1 ipv6 mpls lsr id 2 2 2 2 mpls mpls ldp interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 1 2 64 interface GigabitEthernet1 0 1 undo shutdown ip address 20 1 1 1 255 255 255 0 mpls mpls ldp interface LoopBack1 ip address 2 2 2 2 255 255 255 255 bgp 100 peer 3 3 3 3 as number 100 peer...

Page 1195: ...bitEthernet1 0 1 undo shutdown ip address 20 1 1 2 255 255 255 0 mpls mpls ldp interface LoopBack1 ip address 3 3 3 3 255 255 255 255 bgp 100 peer 2 2 2 2 as number 100 peer 2 2 2 2 connect interface LoopBack1 peer 192 1 1 2 as number 200 peer 192 1 1 2 ebgp max hop 255 ipv4 family unicast undo synchronization network 2 2 2 2 255 255 255 255 peer 2 2 2 2 enable peer 2 2 2 2 route policy policy2 ex...

Page 1196: ...ber 100 peer 192 1 1 1 ebgp max hop 255 ipv4 family unicast undo synchronization network 5 5 5 5 255 255 255 255 peer 5 5 5 5 enable peer 5 5 5 5 route policy policy2 export peer 5 5 5 5 label route capability peer 192 1 1 1 enable peer 192 1 1 1 route policy policy1 export peer 192 1 1 1 label route capability ospf 1 area 0 0 0 0 network 4 4 4 4 0 0 0 0 network 20 1 2 0 0 0 0 255 route policy pol...

Page 1197: ...r 2 2 2 2 enable peer 4 4 4 4 enable peer 4 4 4 4 label route capability ipv6 family unicast undo synchronization peer 2 2 2 2 enable peer 2 2 2 2 label route capability peer 2001 db8 2 1 enable ospf 1 area 0 0 0 0 network 5 5 5 5 0 0 0 0 network 20 1 2 0 0 0 0 255 return l CE2 configuration file sysname CE2 ipv6 interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 2 1 64...

Page 1198: ...een CE1 and PE1 and between CE2 and PE2 An IPv4 link is established between PE1 and ASBR1 between PE2 and ASBR2 and between ASBR1 and ASBR2 BGP4 runs between CE1 and PE1 and between PE2 and CE2 MP EBGP runs between PE1 and PE2 and an end to end MPLS tunnel is established between PE1 and PE2 To enable separate IPv6 networks to communicate use inter AS OptionC solution 2 Figure 9 8 Networking diagra...

Page 1199: ... established between PEs of different ASs In most cases these PEs are not directly connected and the maximum hops between them must be specified 5 Configure BGP4 for CE1 and PE1 to communicate and for CE2 and PE2 to communicate Data Preparation To complete the configuration you need the following data l AS numbers of PE1 and ASBR1 are both 100 AS numbers of PE2 and ASBR2 are both 200 AS numbers of...

Page 1200: ...ing uses the display on ASBR1 as an example ASBR1 display bgp peer BGP local router ID 3 3 3 3 Local AS number 100 Total number of peers 1 Peers in established state 1 Peer V AS MsgRcvd MsgSent OutQ Up Down State PrefRcv 192 1 1 2 4 200 1188 1188 0 19 45 35 Established 1 Step 4 Advertise the routes of a PE in an AS to the remote PE Configure ASBR1 to advertise the loopback interface address of PE1...

Page 1201: ... PE1 mpls lsr id 2 2 2 2 PE1 mpls PE1 mpls quit PE1 mpls ldp PE1 mpls ldp quit PE1 interface gigabitethernet 1 0 0 PE1 GigabitEthernet1 0 0 mpls PE1 GigabitEthernet1 0 0 mpls ldp PE1 GigabitEthernet1 0 0 quit Configure basic MPLS functions on ASBR1 and enable LDP on the interface connected to PE1 ASBR1 mpls lsr id 3 3 3 3 ASBR1 mpls ASBR1 mpls quit ASBR1 mpls ldp ASBR1 mpls ldp quit ASBR1 interfac...

Page 1202: ...e USCB or DSCB is stale A before a UpstreamPeer means the session is stale A before a DS means the session is stale A before a NextHop means the LSP is FRR LSP Step 6 Configure ASBRs to exchange labeled IPv4 routes Enable MPLS on GE 1 0 0 that connects ASBR1 to ASBR2 ASBR1 interface gigabitethernet 1 0 0 ASBR1 GigabitEthernet1 0 0 mpls ASBR1 GigabitEthernet1 0 0 quit Configure a routing policy on ...

Page 1203: ... PE2 bgp af ipv6 quit PE2 bgp quit Step 9 Configure CE1 to communicate with PE1 and CE2 to communicate with PE2 Configure CE1 CE1 ipv6 CE1 bgp 300 CE1 bgp router id 1 1 1 1 CE1 bgp peer 2001 db8 1 2 as number 100 CE1 bgp ipv6 family unicast CE1 bgp af ipv6 peer 2001 db8 1 2 enable CE1 bgp af ipv6 network 2001 db8 5 5 64 CE1 bgp af ipv6 quit CE1 bgp quit Configure PE1 PE1 ipv6 PE1 bgp 100 PE1 bgp p...

Page 1204: ...state 2 Peer V AS MsgRcvd MsgSent OutQ Up Down State PrefRcv 2 2 2 2 4 100 53 53 0 00 49 31 Established 2 2001 db8 2 1 4 400 75 107 0 01 12 16 Established 1 Step 10 Check the configurations Run the display ipv6 routing table command on each CE The command output shows that the two CEs have learned the routes to each other s Loopback1 interface The following example uses the display on CE1 CE1 disp...

Page 1205: ...0 Protocol Direct RelayNextHop TunnelID 0x0 Interface NULL0 Flags D Ping the Loopback1 interface of CE2 from CE1 The command output shows that the Loopback1 interface of CE2 can be pinged CE1 ping ipv6 2001 db8 6 6 PING 2001 db8 6 6 56 data bytes press CTRL_C to break Reply from 2001 db8 6 6 bytes 56 Sequence 1 hop limit 62 time 150 ms Reply from 2001 db8 6 6 bytes 56 Sequence 2 hop limit 62 time ...

Page 1206: ...utdown ip address 20 1 1 1 255 255 255 0 mpls mpls ldp interface LoopBack1 ip address 2 2 2 2 255 255 255 255 bgp 100 peer 5 5 5 5 as number 200 peer 5 5 5 5 ebgp max hop 255 peer 5 5 5 5 connect interface LoopBack1 peer 2001 db8 1 1 as number 300 ipv4 family unicast undo synchronization peer 5 5 5 5 enable ipv6 family unicast undo synchronization import route direct peer 5 5 5 5 enable peer 5 5 5...

Page 1207: ... 2 2 2 255 255 255 255 peer 192 1 1 2 enable peer 192 1 1 2 route policy policy1 export peer 192 1 1 2 label route capability ospf 1 import route bgp area 0 0 0 0 network 3 3 3 3 0 0 0 0 network 20 1 1 0 0 0 0 255 route policy policy1 permit node 10 apply mpls label return l ASBR2 configuration file sysname ASBR2 mpls lsr id 4 4 4 4 mpls lsp trigger bgp label route mpls ldp interface GigabitEthern...

Page 1208: ...2 ipv6 mpls lsr id 5 5 5 5 mpls mpls ldp interface GigabitEthernet1 0 0 undo shutdown ipv6 enable ipv6 address 2001 db8 2 2 64 interface GigabitEthernet1 0 1 undo shutdown ip address 20 1 2 2 255 255 255 0 mpls mpls ldp interface LoopBack1 ip address 5 5 5 5 255 255 255 255 bgp 200 peer 2 2 2 2 as number 100 peer 2 2 2 2 ebgp max hop 255 peer 2 2 2 2 connect interface LoopBack1 peer 2001 db8 2 1 a...

Page 1209: ...ic will be quickly redirected to the backup next hop Networking Requirements A 6PE device learns the 6PE routes with the same IP prefix from different 6PE peers After BGP 6PE FRR is configured on the 6PE device a backup link can be selected for the device When the next hop of the primary route between PEs becomes unreachable traffic can be quickly switched to the backup link As shown in Figure 9 9...

Page 1210: ...nships between the PEs 4 Establish EBGP peer relationships between the PEs and CE and import the address of the loopback interface on the CE into BGP 5 Configure 6PE FRR on PE1 Data Preparation To complete the configuration you need the following data l IP or IPv6 addresses of the interfaces on the routers l Numbers of the ASs where the PEs and CE reside l Names of the routing policies used to aff...

Page 1211: ...pls quit PE1 mpls ldp PE1 mpls ldp quit PE1 interface pos2 0 0 PE1 Pos2 0 0 mpls PE1 Pos2 0 0 mpls ldp PE1 Pos2 0 0 quit PE1 interface pos3 0 0 PE1 Pos3 0 0 mpls PE1 Pos3 0 0 mpls ldp PE1 Pos3 0 0 quit The configurations of the PE2 and PE3 are similar to the configuration of PE1 For details see the following configuration files After the configuration is complete run the display mpls ldp lsp comma...

Page 1212: ...peer 1 1 1 1 connect interface LoopBack1 PE2 bgp ipv6 family unicast PE2 bgp af ipv6 peer 1 1 1 1 enable PE2 bgp af ipv6 peer 1 1 1 1 label route capability PE2 bgp af ipv6 quit PE2 bgp quit Configure PE3 PE3 bgp 100 PE3 bgp peer 1 1 1 1 as number 100 PE3 bgp peer 1 1 1 1 connect interface LoopBack1 PE3 bgp ipv6 family unicast PE3 bgp af ipv6 peer 1 1 1 1 enable PE3 bgp af ipv6 peer 1 1 1 1 label ...

Page 1213: ...n the PEs and you can find that the PEs have received the routes to the loopback interface on the CE The following takes the display on PE2 as an example PE2 display ipv6 routing table Routing Table Public Destinations 5 Routes 5 Destination 1 PrefixLength 128 NextHop 1 Preference 0 Cost 0 Protocol Direct RelayNextHop TunnelID 0x0 Interface InLoopBack0 Flags D Destination 2001 db8 2001 PrefixLengt...

Page 1214: ...1 verbose Routing Table Summary Count 1 Destination 2001 db8 2003 1 PrefixLength 128 NextHop FFFF 2 2 2 2 Preference 255 Neighbour 2 2 2 2 ProcessID 0 Label 1033 Protocol IBGP State Active Adv Relied Cost 0 Entry ID 3 EntryFlags 0x80024900 Reference Cnt 2 Tag 0 Priority medium Age 173sec IndirectID 0x4 RelayNextHop TunnelID 0x9 Interface Pos2 0 0 Flags RD BkNextHop FFFF 3 3 3 3 BkInterface BkLabel...

Page 1215: ...umber 100 peer 2 2 2 2 connect interface LoopBack1 peer 3 3 3 3 as number 100 peer 3 3 3 3 connect interface LoopBack1 ipv4 family unicast undo synchronization peer 2 2 2 2 enable peer 3 3 3 3 enable ipv6 family unicast undo synchronization auto frr peer 2 2 2 2 enable peer 2 2 2 2 label route capability peer 3 3 3 3 enable peer 3 3 3 3 label route capability ospf 1 area 0 0 0 0 network 1 1 1 1 0 ...

Page 1216: ...st undo synchronization peer 1 1 1 1 enable peer 1 1 1 1 label route capability peer 2001 db8 2001 2 enable ospf 1 area 0 0 0 0 network 2 2 2 2 0 0 0 0 network 30 1 1 0 0 0 0 3 return l Configuration file of PE3 sysname PE3 ipv6 mpls lsr id 3 3 3 3 mpls mpls ldp interface Pos1 0 0 link protocol ppp ip address 20 1 1 2 255 255 255 252 mpls mpls ldp interface GigabitEthernet2 0 0 link protocol ppp i...

Page 1217: ...of CE1 sysname CE ipv6 interface GigabitEthernet1 0 0 link protocol ppp ipv6 enable ipv6 address 2001 db8 2001 2 64 interface GigabitEthernet2 0 0 link protocol ppp ipv6 enable ipv6 address 2001 db8 2002 2 64 interface LoopBack1 ipv6 enable ipv6 address 2001 db8 2003 1 128 bgp 200 peer 2001 db8 2001 1 as number 100 peer 2001 db8 2002 1 as number 100 ipv4 family unicast undo synchronization ipv6 fa...

Page 1218: ...ed routes 10 6 Applying Filters to Imported Routes By applying the related filters of routing policies to routing protocols you can filter imported routes 10 7 Controlling the Valid Time of the Routing policy To ensure network stability you need to configure the delay for applying a routing policy when modifying the routing policy 10 8 Maintaining the Routing Policy Maintaining routing policies in...

Page 1219: ...s and setting rules The policy is applied to the routing information to meet the requirements of the matching rules l Apply the matching rules to the routing policies for route advertisement reception and import Differences Between Routing Policy and PBR Different from the forwarding by searching the Forwarding information base FIB according to the destination address of a packet Policy based rout...

Page 1220: ...uration Guide IP Services l IP Prefix List The IP prefix list consists of IPv4 prefix list and IPv6 prefix list The implementation of the IP prefix is flexible An IP prefix list is identified by its list name Each prefix list includes multiple entries Each entry can independently specify the matching range in the form of the network prefix The matching range is identified by an index number that d...

Page 1221: ...ute Policy and the system does not search the next matching node Each node comprises a set of if match and apply clauses The if match clauses define the matching rules The matching objects are certain route attributes The relationship between if match clauses in a node is AND A matching succeeds only when all the matching rules specified by the if match clauses in the same nod are matched The appl...

Page 1222: ...n IPv4 Prefix List An IP prefix list filters routes according to IP address prefixes An IP address prefix is defined by the IP address and mask length Context Perform the following steps on the router to which the IP prefix list is applied Procedure Step 1 Run system view The system view is displayed Step 2 Run ip ip prefix ip prefix name index index number permit deny ip address mask length match...

Page 1223: ...nnot pass the filtering list If all entries are in deny mode all routes are filtered It is recommended that you define a permit 0 0 0 0 0 less equal 32 entry after multiple entries in deny mode therefore allowing all the other IPv4 routes to pass the IP prefix list NOTE If more than one IP prefix entry is defined at least one entry should be in the permit mode Step 3 Optional Run ip ip prefix ip p...

Page 1224: ...ex numbers in an ascending order When a route matches an entry it does not match other entries In NE80E 40E all unmatched routes are filtered If all entries are in deny mode all routes are filtered It is recommended that you define a permit 0 less equal 128 after multiple entries in deny mode therefore allowing all the other IPv6 routes to pass the IP prefix list NOTE If more than one IP prefix en...

Page 1225: ...uses l if match clauses define the matching rules The matching rules are used by the routes that match the Route Policy The matching objects refer to some attributes of the route l apply clauses specify actions that is configuration commands used to modify certain attributes For more information about Route Policy refer to the HUAWEI NetEngine80E 40E Router Feature Description IP Routing Pre confi...

Page 1226: ...s denied by the node and the next node is not matched If the entry does not match all the clauses the next node is matched NOTE In the NE80E 40E by default the unmatched routes are denied If multiple nodes are defined in a Route Policy at least one of them should be in permit mode When the parameter route policy is used to filter routes note the following l If a route does not match any node it is...

Page 1227: ...lid as the rules When a route policy is configured to filter routes If the action specified in an ACL rule is permit a route that has matched this rule is considered to have passed the check by the if match clause If the action specified in an ACL rule is deny a route that has matched this rule is considered to have failed the check by the if match clause If a route has not matched any ACL rules t...

Page 1228: ... the first node is a permit node if a route has passed the check by the if match clause the system will take the action specified in the apply clause on this route If the route has not passed the check by the if match clause the system will take the action specified in the apply clause in the second node in the route policy In a route policy where the first node is a deny node if a route has passe...

Page 1229: ...r the same node in a route policy the relationship between if match clauses is AND The route must meet all the matching rules before the actions defined by the apply clauses are performed In the if match route type and if match interface commands the relationship between the if match clauses is OR In other commands the relationship between if match clauses is AND l If no if match clause is specifi...

Page 1230: ...ually exclusive and cannot be configured at the same time l Run apply ip address next hop peer address ipv4 address The next hop address of the IPv4 route is set l Run apply ipv6 next hop peer address ipv6 address The next hop address of the IPv6 route is set l Run apply isis level 1 level 1 2 level 2 The route level of IS IS is set l Run apply ospf backbone stub area The area of the OSPF that rou...

Page 1231: ...policy to BGP routes l Apply a route policy to BGP4 routes l Apply a route policy to multicast routes l Apply a route policy to BGP MPLS IP VPN routes l Apply a route policy to an FRR scenario Procedure l Apply a route policy to direct routes 1 Run system view The system view is displayed 2 To apply a route policy to specific direct routes see Table 10 2 Table 10 2 Applying a route policy to direc...

Page 1232: ...licies to packets based on the QoS information while forwarding these packets In this manner traffic statistics can be collected and authentication and accounting can be performed based on the direct routes ip direct routing table route policy route policy name l Apply a route policy to static routes 1 Run system view The system view is displayed 2 Run ip static routing table route policy route po...

Page 1233: ...name 3 5 4 Configuring RIP to Filter the Routes to be Sent To configure RIP to import the routes from another routing protocol that match a route policy import route static direct unr rip ospf isis process id cost cost route policy route policy name 3 5 4 Configuring RIP to Filter the Routes to be Sent To set a priority for routes that match a route policy preference preference route policy route ...

Page 1234: ...oute policy to IPv4 IS IS routes in the IS IS view Objectives Command Reference To configure IS IS to generate and advertise default routes to the IS IS domain only when external routes that match a route policy exist in the routing table of a Level 1 2 router default route advertise route policy route policy name cost cost tag tag level 1 level 1 2 level 2 avoid learning 7 4 6 Configuring IS IS t...

Page 1235: ...y for the IS IS routes that match a route policy preference route policy route policy name preference 7 6 2 Configuring a Preference Value for IPv4 IS IS To apply a route policy in the IS IS FRR view perform the following operations 1 Run the system view command to enter the system view 2 Run the isis process id command to enter the IS IS view 3 Run the frr command to enter the IS IS FRR view 4 Ru...

Page 1236: ...s To configure IS IS to import the IPv6 routes from another routing protocol that match a route policy ipv6 import route direct static ospfv3 ripng isis process id bgp permit ibgp cost cost tag tag route policy route policy name level 1 level 2 level 1 2 ipv6 import route ripng isis ospfv3 process id direct bgp permit ibgp inherit cost tag tag route policy route policy name level 1 level 2 level 1...

Page 1237: ...w to configure IPv6 IS IS multi topology see 7 18 Configuring Multi Topology for IPv6 IS IS l Apply a route policy to OSPF routes To apply a route policy in the OSPF view perform the following operations 1 Run the system view command to enter the system view 2 Run the ospf process id command to enable an OSPF process and enter the OSPF view 3 To apply a route policy to OSPF routes in the OSPF view...

Page 1238: ...to the MIGP routing table local mt filter policy route policy route policy name To configure a priority for OSPF routes that match a route policy preference ase preference route policy route policy name 5 2 5 Optional Setting the OSPF Priority To apply a route policy in the OSPF area view perform the following operations 1 Run the system view command to enter the system view 2 Run the ospf process...

Page 1239: ... OSPFv3 view 3 To apply a route policy to OSPFv3 routes in the OSPFv3 view see Table 10 8 Table 10 8 Applying a route policy to OSPFv3 routes Objectives Command Reference To configure OSPFv3 to advertise the default routes in the routing table that are not generated by OSPFv3 to an OSPFv3 routing area based on the parameters of a route policy default route advertise always cost cost type type tag ...

Page 1240: ...ommand to enable OSPFv3 IP FRR 5 Run the frr policy route route policy route policy name command to configure OSPFv3 to add the backup routes that match a route policy to the IP routing table For details on how to configure OSPFv3 IP FRR see 6 11 Configuring OSPFv3 IP FRR l Apply a route policy to BGP routes 1 Run the system view command to enter the system view 2 Run the bgp as number plain as nu...

Page 1241: ...tes of the default route peer group name ipv4 address default route advertise route policy route policy name conditional route match all ipv4 address1 mask1 mask length1 1 4 conditional route match any ipv4 address2 mask2 mask length2 1 4 8 16 Configuring a BGP Device to Send a Default Route to Its Peer To prevent a device from performing bit error triggered protection switching when a route polic...

Page 1242: ...al Preventing BGP Routes from Being Added into the IP Routing Table l Apply a route policy to BGP4 routes 1 Run system view The system view is displayed 2 Run bgp as number plain as number dot The BGP view is displayed 3 Run ipv6 family unicast The IPv6 unicast address family view is displayed 4 To apply a route policy to specific BGP4 routes see Table 10 10 Table 10 10 Applying a route policy to ...

Page 1243: ...onfiguring the Next_Hop Attribute To configure a device to send a default route to a peer or a peer group and use a route policy to modify the attributes of the default route peer group name ipv6 address default route advertise route policy route policy name 9 4 5 Configuring Routers to Advertise a Default Route to a Peer To configure a device to accept the routes that match a route policy from a ...

Page 1244: ... ipv4 family command to enable the IPv4 address family for the VPN instance and enter the VPN instance IPv4 address family view 4 Run the auto discovery mdt mvpn import route policy route policy name command to configure the A D mode for multicast VPN and associate the VPN instance IPv4 address family with an import routing policy l Apply a route policy to BGP MPLS IP VPN routes To apply a route p...

Page 1245: ...associate the VPN instance IPv4 or IPv6 address family with one import route policy run the import route policy route policy name command The import route policy command can control route transmission between different VPN instances on a PE while the peer route policy import command can control only the VPNv4 or VPNv6 routes that a PE sends to other PE peers To configure a device to advertise ARP ...

Page 1246: ... applications in VPN FRR see Configuring VPN FRR For route policy applications in IPv6 VPN FRR see Configuring IPv6 VPN FRR For route policy applications in hybrid FRR see Configuring Hybrid FRR For route policy applications in hybrid FRR in a static MPLS IP VPN see Configuring Hybrid FRR End 10 3 6 Checking the Configurations After the Route Policy is configured you can check information about th...

Page 1247: ...s or the integrity of the LSDB Therefore the effect on the commands of filter policy import and filter policy export are different The filter policy import command identifies the route that is added to a local routing table from a protocol routing table only That is this command affects the local routing table only but does not affect the protocol routing table NOTE l BGP has powerful filtering fu...

Page 1248: ...ring policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or advertised by the system If the action specified in an ACL rule is deny a route that matches the rule will not be received or advertised by the system If a route has not matched any ACL rules the route will not be received or advertised by th...

Page 1249: ...ll routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in t...

Page 1250: ...When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or advertised by the system If the action specified in an ACL rule is deny a route that matches the rule will not be received or advertised by the system If a route has not matched any ACL rules the route will not be received or adve...

Page 1251: ...s not contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route wi...

Page 1252: ...the system If the action specified in an ACL rule is deny a route that matches the rule will not be received or advertised by the system If a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL refer...

Page 1253: ...hing the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to fi...

Page 1254: ...or advertised by the system If a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised ...

Page 1255: ...g the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filte...

Page 1256: ...tching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to ...

Page 1257: ...tion deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure...

Page 1258: ...ilters to advertised routes familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment After defining the filters including the IP prefix list ACL and Route Policy related to the routing policy you need to import the filters to the protocols l Filterin...

Page 1259: ...of BGP configuration refer to BGP Configuration l You can run the filter policy command and the import route command with different parameters for RIP OSPF IS IS and BGP For details refer to related configurations Pre configuration Tasks Before applying filters to advertised routes complete the following tasks l 10 2 Configuring the IP Prefix List l Configuring an ACL l 10 3 Configuring the Route ...

Page 1260: ...t contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a...

Page 1261: ...n deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes Route filtering using a whitelist Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system Then configure an...

Page 1262: ...em If a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the conf...

Page 1263: ...guration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes Then configure another rule with a larger number i...

Page 1264: ... by the system If a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system...

Page 1265: ...m first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number Routes can be filtered using a blacklist or a whitelist Route filtering using a blacklist Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes Then configure another rule with a larger number in the same ACL and speci...

Page 1266: ... route that matches the rule will be received or advertised by the system If the action specified in an ACL rule is deny a route that matches the rule will not be received or advertised by the system If a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that references the ACL wi...

Page 1267: ...ny rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the configuration order the system first matches a route with a rule that has a smaller number and then matches the route with a rule with ...

Page 1268: ...or the basic ACL When the rule command is run to configure rules for a named ACL only the source address range specified by source and the time period specified by time range are valid as the rules When a filtering policy of a routing protocol is used to filter routes If the action specified in an ACL rule is permit a route that matches the rule will be received or advertised by the system If the ...

Page 1269: ... If a route has not matched any ACL rules the route will not be received or advertised by the system If an ACL does not contain any rules all routes matching the route policy that references the ACL will not be received or advertised by the system If the ACL referenced by the route policy does not exist all routes matching the route policy will be received or advertised by the system In the config...

Page 1270: ...ommand to check information about the OSPF routing table l Run the display isis process id route command to check information about the ISIS routing table l Run the display bgp routing table command to check information about the BGP routing table l Run the display ip routing table command to check information about the public IPv4 routing table Run the display ip routing table command on the neig...

Page 1271: ...has powerful filtering functions For details of BGP configuration refer to BGP Configuration l You can run the filter policy command and the import route command with different parameters for RIP OSPF IS IS and BGP For details refer to related configurations Pre configuration Tasks Before applying filters to imported routes complete the following tasks l Configuring the IP Prefix List l Configurin...

Page 1272: ...ocedure Step 1 Run system view The system view is displayed Step 2 Run ospf process id An OSPF process is enabled and the OSPF view is displayed Step 3 Run import route limit limit number bgp permit ibgp direct unr rip process id rip static isis process id isis ospf process id ospf cost cost type type tag tag route policy route policy name The external routes are imported End 10 6 4 Applying Route...

Page 1273: ...icy route policy name level 1 level 2 level 1 2 command to import the external routes End 10 6 5 Applying Route Policy to Routes Imported by BGP By applying filters you can control the import of BGP routes Context Perform the following steps on the router that runs BGP Procedure Step 1 Run system view The system view is displayed Step 2 Run bgp as number plain as number dot The BGP view is display...

Page 1274: ...policy To ensure network stability you need to configure the delay for applying a routing policy when modifying the routing policy 10 7 1 Before You Start Before configuring the delay for applying a routing policy familiarize yourself with the usage scenario complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Ap...

Page 1275: ...uting Policy When modifying multiple cooperative routing policies you need to configure the delay for applying a routing policy Context Perform the following steps on the router on which the delay for applying routing policy needs to be changed Procedure Step 1 Run system view The system view is displayed Step 2 Run route policy change notify delay delay time The delay for applying the routing pol...

Page 1276: ...red Exercise caution when running this command By default the statistics of IP prefix lists and the number of routes which match or do not match the Route Rolicy are not cleared Procedure l Run reset ip ip prefix ip prefix name command in the user view to clear the IPv4 prefix list statistics l Run reset ip ipv6 prefix ipv6 prefix name command in the user view to clear the IPv6 prefix list statist...

Page 1277: ...OS2 0 0 192 168 3 1 24 POS3 0 0 192 168 2 1 24 POS1 0 0 192 168 2 2 24 POS1 0 0 192 168 3 2 24 RouterC RouterD RouterB RouterA OSPF 172 1 16 0 24 172 1 17 0 24 172 1 18 0 24 172 1 19 0 24 172 1 20 0 24 POS1 0 0 192 168 1 1 24 Configuration Roadmap The configuration roadmap is as follows 1 Configure basic OSPF functions on Router A Router B Router C and Router D 2 Configure static routes on Router ...

Page 1278: ...erD ospf RouterD ospf 1 area 0 RouterD ospf 1 area 0 0 0 0 network 192 168 3 0 0 0 0 255 RouterD ospf 1 area 0 0 0 0 quit RouterD ospf 1 quit Step 3 Configure five static routes on Router A and import these routes to OSPF RouterA ip route static 172 1 16 0 24 NULL 0 RouterA ip route static 172 1 17 0 24 NULL 0 RouterA ip route static 172 1 18 0 24 NULL 0 RouterA ip route static 172 1 19 0 24 NULL ...

Page 1279: ... R relay D download to fib Routing Tables Public Destinations 14 Routes 14 Destination Mask Proto Pre Cost Flags NextHop Interface 127 0 0 0 8 Direct 0 0 D 127 0 0 1 InLoopBack0 127 0 0 1 32 Direct 0 0 D 127 0 0 1 InLoopBack0 172 1 17 0 24 O_ASE 150 1 D 192 168 1 1 Pos1 0 0 172 1 18 0 24 O_ASE 150 1 D 192 168 1 1 Pos1 0 0 172 1 19 0 24 O_ASE 150 1 D 192 168 1 1 Pos1 0 0 192 168 1 0 24 Direct 0 0 D...

Page 1280: ... 10 1 D 192 168 3 1 Pos1 0 0 192 168 3 0 24 Direct 0 0 D 192 168 3 2 Pos1 0 0 192 168 3 1 32 Direct 0 0 D 192 168 3 1 Pos1 0 0 192 168 3 2 32 Direct 0 0 D 127 0 0 1 Pos1 0 0 Check the OSPF routing table of Router C You can find that three routes defined by the IP prefix list named a2b are in the OSPF routing table In the link state protocol you can run the filter policy import command to filter th...

Page 1281: ...outerB interface Pos1 0 0 link protocol ppp ip address 192 168 1 2 255 255 255 0 interface Pos2 0 0 link protocol ppp ip address 192 168 3 1 255 255 255 0 interface Pos3 0 0 link protocol ppp ip address 192 168 2 1 255 255 255 0 ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 network 192 168 2 0 0 0 0 255 network 192 168 3 0 0 0 0 255 return l Configuration file of Router C sysname RouterC inter...

Page 1282: ...s set to 20 Figure 10 2 Networking diagram of applying a routing policy for imported routes RouterC POS1 0 0 192 168 1 1 24 POS1 0 0 192 168 1 2 24 POS4 0 0 192 168 2 1 24 POS2 0 0 192 168 2 2 24 GE1 0 0 172 17 1 1 24 RouterA RouterB OSPF IS IS GE2 0 0 172 17 2 1 24 GE3 0 0 172 17 3 1 24 Configuration Roadmap The configuration roadmap is as follows 1 Configure basic IS IS functions on Router B and...

Page 1283: ...igabitEthernet 2 0 0 RouterC GigabitEthernet2 0 0 isis enable RouterC GigabitEthernet2 0 0 quit RouterC interface GigabitEthernet 3 0 0 RouterC GigabitEthernet3 0 0 isis enable RouterC GigabitEthernet3 0 0 quit Configure Router B RouterB isis RouterB isis 1 is level level 2 RouterB isis 1 network entity 10 0000 0000 0002 00 RouterB isis 1 quit RouterB interface pos 2 0 0 RouterB Pos2 0 0 isis enab...

Page 1284: ...rB route policy apply tag 20 RouterB route policy quit RouterB route policy isis2ospf permit node 30 RouterB route policy quit Step 6 Apply the Route Policy when the route is imported Configure Router B and apply the Route Policy as the route is imported RouterB ospf RouterB ospf 1 import route isis 1 route policy isis2ospf RouterB ospf 1 quit Check the OSPF routing table of Router A You can view ...

Page 1285: ...168 2 2 255 255 255 0 isis enable 1 ospf 1 import route isis 1 route policy isis2ospf area 0 0 0 0 network 192 168 1 0 0 0 0 255 route policy isis2ospf permit node 10 if match ip prefix prefix a apply cost 100 route policy isis2ospf permit node 20 if match acl 2002 apply tag 20 route policy isis2ospf permit node 30 ip ip prefix prefix a index 10 permit 172 17 1 0 24 return l Configuration file of ...

Page 1286: ...Ethernet3 0 0 ip address 172 17 3 1 255 255 255 0 isis enable 1 interface Pos4 0 0 link protocol ppp ip address 192 168 2 1 255 255 255 0 isis enable 1 return HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 10 Routing Policy Configuration Issue 02 2014 09 30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 1261 ...

Page 1287: ...d network side routes to a route monitoring group and associate access side service modules with it so that the service modules can perform primary backup link switchovers upon route changes in the group This mechanism can prevent traffic congestion or loss HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing 11 Route Monitoring Group Configuration Issue 02 2014 09 30 Huawei Proprietary a...

Page 1288: ... hot backup scenario services can be switched to the backup link if the primary link fails therefore preventing traffic overload or forwarding failures 11 1 2 Route Monitoring Group Features Supported by the NE80E 40E A down weight can be set for each route in the route monitoring group based on link attributes such as the bandwidth and a switchover threshold can be set for each service module tha...

Page 1289: ... 11 1 Route monitoring group Network side Access side BRAS Route monitoring group Status management 1 2 3 4 9 10 Trigger Service Module A Service Module B Service Module C Service Module D 11 2 Configuring a Route Monitoring Group In a dual device hot backup scenario you can add network side routes to a route monitoring group and associate access side service modules with it so that the service mo...

Page 1290: ... monitoring group Router A Router B NPE 1 NPE 2 NPE m BRAS 1 BRAS 2 IP Core Primary path Backup path Network side Access side To address the packet drop issue deploy a route monitoring group on each BRAS and add network side routes of the BRAS to the route monitoring group If the down weight sum of the route monitoring group reaches the switchover threshold of a service module that is associated w...

Page 1291: ...ce module to perform a link switchback By default the delay is 5s If a route in a route monitoring group goes Up the RM module delivers this route to the forwarding table and establishes a forwarding entry for it which takes some time Packet loss may occur if the RM module instructs the service module to perform a link switchback immediately when the down weight sum of the route monitoring group f...

Page 1292: ...ce vpn instance name dest address mask mask length command to check information about all route monitoring groups to which a route has been added Run the display ip route monitor group command The command output shows information about all route monitoring groups HUAWEI display ip route monitor group Route monitor group number 2 Route monitor group Total weight Down weight State uplink 20 20 Enabl...

Page 1293: ... to form AS Area border router ABR A router that can belong to more than two areas of which one area must be a backbone area AS Border Router ASBR A router that exchanges routing information with other ASs Autonomous System A network set that uses the same routing policy and is managed by the same technology administration department Each AS has a unique identifier that is an integer The identifie...

Page 1294: ...nd design of TCP IP protocol suite Intra Domain Router A router with all interfaces that belong to an OSPF area M Multi Exit Disc MED An attribute that is equivalent to the metrics used by IGP It is only exchanged between two adjacent ASs The AS that receives this attribute does not advertise it to any other ASs Multiprotocol Border Gateway Protocol A multiprotocol extension for BGP 4 which is als...

Page 1295: ...he neighboring routers Pseudonode A virtual node that is used to simulate broadcast network It is generated by DIS R Router ID A unique identifier of a router in an AS which is an integer of 32 bits S Split Horizon A feature that RIP does not send the route learned from the neighboring interface back to its neighboring router Stub area A specific area in which ABRs do not transmit the routes outsi...

Page 1296: ... forward the traffic of the user V Versatile Routing Platform VRP A versatile operation platform of Huawei data communication Virtual Link A logical channel that connects two ABRs through a non backbone area Virtual System The system identified by an additional system ID is used to generate extended LSP fragments These fragments carry the additional system IDs in their LSP IDs HUAWEI NetEngine80E ...

Page 1297: ...s Transfer Mode B BDR Backup Designated Router BFD Bidirectional Forwarding Detection BGP Border Gateway Protocol BRI Basic Rate Interface C CE Customer Edge CIDR Classless Inter Domain Routing CLNP Connectionless Network Protocol CPU Central Processing Unit CSNP Complete Sequence Number PDUs HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing B Acronyms and Abbreviations Issue 02 2014 0...

Page 1298: ...anism H HDLC High level Data Link Control HSB Hot Standby I IBGP Internal BGP ICMP Internet Control Message Protocol ID Identification IETF Internet Engineering Task Force IGP Interior Gateway Protocol IP Internet Protocol ISDN Integrated Services Digital Network IS IS Intermediate System Intermediate System HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing B Acronyms and Abbreviations...

Page 1299: ...ate Packet M MAC Medium Access Control MD5 Message Digest 5 MED Multi Exit discrimination MIB Management Information Base MP Multilink PPP MP BGP Multiprotocol Border Gateway Protocol MPLS Multi Protocol Label Switching MTU Maximum Transmission Unit N NBMA Non Broadcast Multiple Access NET Network Entity Title NLRI Network Layer Reachable Information NSSA Not So Stubby Area HUAWEI NetEngine80E 40E...

Page 1300: ...oint to Point Protocol PRI Primary Rate Interface PSNP Partial Sequence Number PDUs R RD Route Distinguisher RIP Routing Information Protocol RM Routing Management RPF Reverse Path Forwarding RPM Routing Policy Management S SNMP Simple Network Management Protocol SPF Shortest Path First T TCP Transmission Control Protocol HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing B Acronyms and...

Page 1301: ... Private Network VRP Versatile Routing Platform VT Virtual Template W WAN Wide Area Network HUAWEI NetEngine80E 40E Router Configuration Guide IP Routing B Acronyms and Abbreviations Issue 02 2014 09 30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 1276 ...

Reviews:

No comments

Related manuals for Quidway NE40E

DES-3526 - Switch - Stackable

Brand: D-Link Pages: 258

Brand: Abocom Pages: 11

Brand: Abocom Pages: 19

MatrixPRO-II DVI 16x16

Brand: Barco Pages: 43

Brand: Barco Pages: 5

Transportation FiberinMotion

Brand: Radwin Pages: 122

Brand: FOR-A Pages: 39

ER3-100 (5K02-55)

Brand: 8e6 Technologies Pages: 74

Brand: Abocom Pages: 1

NI WLS/ENET-9163

Brand: National Instruments Pages: 36

Brand: Lanner Pages: 63

Brand: E-Lins Pages: 9

Brand: ZyXEL Communications Pages: 2

Brand: Aewin Technologies Pages: 86

BiPAC 5200S RC Series

Brand: Billion Pages: 79

Brand: Tripp Lite Pages: 2

Brand: Ruckus Wireless Pages: 4

Brand: Camozzi Pages: 22

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands